QoS Is Dead. Long Live QoS!
Ah, good old Quality of Service. How often have we spent our time as networking professionals trying to discern the archaic texts of Szigeti to learn how to make you work? QoS is something that seemed so necessary to our networks years ago that we would spend hours upon hours trying to learn the best way to implement it for voice or bulk data traffic or some other reason. That was, until a funny thing happened. Until QoS was useless to us.
Rest In Peace and Queues
QoS didn’t die overnight. It didn’t wake up one morning without a home to go to. Instead, we slowly devalued and destroyed it over a period of years. We did it be focusing on the things that QoS was made for and then marginalizing them. Remember voice traffic?
We spent years installing voice over IP (VoIP) systems in our networks. And each of those systems needed QoS to function. We took our expertise in the arcane arts of queuing and applied it to the most finicky protocols we could find. And it worked. Our mystic knowledge made voice better! Our calls wouldn’t drop. Our packets arrived when they should. And the world was Continue reading
Juniper vSRX 15.1X49 on QEMU
Recently, I have been quite busy running into some problems with deployment of Junos 15.1X49-D15.4 on Qemu image. So, I want make your lifer easier and I share my quick installation steps with you.
1. Download vSRX VMware Appliance
Download the file media-srx-ffp-vsrx-vmdisk-15.1X49-D15.4.ide.ova. The good news is that you do not need to enter a licence key after you download the image. The bad new is that you still need a valid contract with Juniper in order to download the file. Luckily, you can find the installation file flying somewhere on the Internet.
2. Extract Archive and OVA files
$ unrar e media-srx-ffp-vsrx-vmdisk-15.1X49-D15.4.ide.rar
$ tar xvf media-srx-ffp-vsrx-vmdisk-15.1X49-D15.4.ide.ova
3. Convert StreamOptimized Virtual Machine Disk to Format
Details ale explained in my original vSRX article.
$ qemu-img convert -O qcow2 media-srx-ffp-vsrx-vmdisk-15.1X49-D15.4-disk1.vmdk media-srx-ffp-vsrx-vmdisk-15.1X49-D15.4-disk1.img
4. Hack Image To Support QEMU
Unfortunately, vSRX 15.1 image boots to “Wind River Linux 6.0.0.15” prompt but it would not launch the freebsd VM within the nested KVM instance. The workaround along with the detailed explanation of the issue is originally posted here.
$ /usr/local/bin/qemu-system-x86_64 -m 4192M Continue reading
Pulling Configs from Cisco NSO using curl and json2yaml.py
We’re using Cisco NSO in our lab at the moment to provision L3VPNs across multi-vendor environments as part of a demo. Just noting down a few things here for future reference:
You can use the curl (command-line URL) utility to query NSO’s API and retrieve the configuration of a device it knows about. You probably know that NSO syncs a device’s config locally, so this will be a way to retrieve the device config that NSO knows about – if the device is out of sync, of course this won’t quite be the latest:
curl -u username:password -H "Accept: application/vnd.yang.data+json" http://192.168.8.172:8080/api/config/devices/device/CPE-3/config | json2yaml
I’ll break this down:
curl -u username:password – provides the username and password of your NSO installation
-H “Accept: application/vnd.yang.data+json” – specifies an HTTP header to send in the request. In this instance, we are saying that we are expecting a JSON response. Alternatively you could specify ‘vnd.yang.data+xml’ to receive an XML response.
http://192.168.8.172:8080/api/config/devices/device/CPE-3/config – this is the API request we are making. CPE-3 is the device we are requesting the configuration of.
| json2yaml – this pipes the JSON response through a python module Continue reading
Using Screen Scraping in Network Automation
The first time I encountered screen scraping was in mid-1990. All business applications were running on IBM mainframes those days, and IBM used proprietary terminal system (remember 3270) that was almost impossible to interact with, so some people got the “bright” idea of emulating that screen, scraping information off the emulated screen and copying it into HTML pages… thus webifying their ancient apps.
Guess what – we’re still doing the very same thing in network automation as Andrea Dainese succinctly explained in the latest addition to his Automation for Cisco NetDevOps article.
Introduction to DNS Privacy
Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map a human-friendly domain name to a set of IP addresses that can be used to deliver packets over the Internet. DNS transactions can therefore be correlated to the applications we use, the websites we visit, and sometimes even the people we communicate with.
While the domain name information itself is public, the transactions performed by the hosts are not. Unfortunately, the DNS does not inherently employ any mechanisms to provide confidentiality for these transactions, and the corresponding information can therefore easily be logged by the operators of DNS resolvers and name servers, as well as be eavesdropped by others.
So we are publishing our Introduction to DNS Privacy to raise awareness of the privacy implications of the DNS, and the mechanisms that have been recently developed to improve user privacy.
Please also check our DNS Privacy page for more information!
Further Information
The post Introduction to DNS Privacy appeared first on Internet Society.
The State of DNSSEC Validation
Many aspects of technology adoption in the Internet over time show simple "up and to the right" curves. What lies behind these curves is the assumption that once a decision is made to deploy a technology the decision is not subsequently "unmade." When we observe an adoption curve fall rather than rise, then it’s reasonable to ask what is going on.No Escape From SD-WAN: RSA 2019 Perspectives
Just when you thought the waters were safe ...
Podcast: Findings From a Service Provider Survey
During this session, ACG Research’s Chris Nicoll will share some key insights from the...
Datanauts 160: The Hitchhiker’s Guide To IT Travel
Today's Datanauts episode offers travel advice for IT pros who spend a lot of time on the road. Our three guests have logged millions of miles for work. They share tips on getting from A to B smoothly, offer packing hints for clothes and equipment, give advice on maximizing travel programs, and tout their favorite travel gear.
The post Datanauts 160: The Hitchhiker’s Guide To IT Travel appeared first on Packet Pushers.
Tetrate Wraps Envoy, Istio Into an Easier to Deploy Service Mesh
The platform provides a more consistent way for enterprises to manage their applications across...
Intel, Linux Foundation Launch Open Source Silicon Groups
Both new groups formed just days before the granddaddy of open source hardware groups, Open Compute...
CloudFlare Raises $150M, Likely Delaying Its Expected IPO
This round brings CloudFlare’s total funding to $330 million. Its investors include CapitalG...
AT&T CFO Highlights Software Role in 5G
The ability to put core network functions on software so AT&T can control, improve, and...
Reflecting on my first year as Head of Cloudflare Asia
One year into my role as Head of Asia for Cloudflare, I wanted to reflect on what we’ve achieved, as well as where we are going next.
When I started, I spoke about growing our brand recognition in Asia and optimizing our reach to clients by building up teams and channel partners. I also mentioned a key reason behind my joining was Cloudflare’s mission to help build a better Internet and focus on democratizing Internet tools that were once only available to large companies. I’m delighted to share that we’ve made great progress and are in a strong position to continue our rapid growth. It’s been a wonderful year, and I’m thrilled that I joined the company.
There has been a lot going on in our business, as well as in the region. Let’s start with Cloudflare Asia.
Cloudflare Asia
Our Singapore team has swelled from 40 people from 11 countries to almost 100 people from 19 nations. Our team is as diverse as our client base and keeps the office lively and innovative.
Our Customers
The number of Asian businesses choosing to work with us has more than doubled. You can check out what Continue reading
IXDO Project: An Internet Exchange Point in the Dominican Republic
For more than a decade, different organizations from civil society and the private sector have been involved in efforts to establish an Internet Exchange Point (IXP) in the Dominican Republic, with no success. Possible causes were either lack of interest at the time, the maturity level of the ICT sector, or even lack of financial support. The Internet Society Dominican Republic Chapter decided to discuss those outcomes with different stakeholders and promote an atmosphere to proceed when the moment was right.
Among efforts from the past, it is important to mention two of them, which made important advances: (1) the datacenter firm NAP del Caribe (NDC), invited interested local Internet Service Providers (ISP) to establish either an IXP or private peering; (2) the academic sector worked to establish a local research network, Red de Avanzada Dominicana de Estudio e Investigación (RADEI), which sought the support of the local regulator Instituto Dominicano de las Telecomunicaciones (INDOTEL).
In 2017, the Internet Society Chapter Dominican Republic (ISOC-DO) board, after considering past efforts and brainstorming on different approaches to succeed in the IXDO initiative, taking inspiration on the regional trends, and locating experts to support our goal, decided to design the annual Continue reading