Archive

Category Archives for "Networking"

IDG Contributor Network: Named data networking: Stateful forwarding plane for datagram delivery

The Internet was designed to connect things easily, but a lot has changed since its inception. Users now expect the internet to find the “what” (i.e., the content), but the current communication model is still focused on the “where.”

The Internet has evolved to be dominated by content distribution and retrieval. As a matter of fact, networking protocols still focus on the connection between hosts, which surfaces many challenges.

The most obvious solution is to replace the “where” with the “what,” and this is what Named Data Networking (NDN) proposes. NDN uses named content as opposed to host identifiers as its abstraction.

How the traditional IP works

To deliver packets from a source to a destination, IP needs to accomplish two phases of operation. The first phase is the routing plane, also known as the control plane. This phase enables the routers to share routing updates and select the best path to construct the forwarding information table (FIB). The second phase is the forwarding plane, also known as the data plane. This is the phase where forwarding to the next hop is executed upon FIB examination.

The Week in Internet News: IoT Botnets Come for Video Conferencing Systems

Botnets attack: A handful of botnets using compromised Internet of Things devices are now targeting enterprise video conferencing systems, reports CSO Online. Three recently identified botnets are based on the Mirai botnet, which had its source code leaked back in 2016. The original Mirai is no longer active, but its source code has served as the base for at least 13 other botnets.

Pulling the plug: Internet shutdowns are common, but ineffective, argues a journalist and researcher on The Conversation. Shutdowns “seem to animate dissent and encourage precisely the kind of responses considered subversive by many governments,” writes George Ogola. “Internet shutdowns don’t stop demonstrations. Nor do they hinder the production and circulation of rumours: they encourage them instead.”

The war on porn: Meanwhile, the government of Bangladesh has shut down about 20,000 websites, including some popular social media sites, in the name of banishing pornography, the Guardian reports. Authorities believe some social media sites are contributing to the problem, apparently.

Digital colonies? The BBN Times has a provocative opinion piece suggesting that the Internet, and Internet Governance, is aiding in a process of “digital colonization.” The U.S. is sending its language, culture, and tech products

Cloudflare Transparency Update: Joining Cloudflare’s Flock of (Warrant) Canaries

Today, Cloudflare is releasing its transparency report for the second half of 2018. We have been publishing biannual Transparency Reports since 2013.

We believe an essential part of earning the trust of our customers is being transparent about our features and services, what we do – and do not do – with our users’ data, and generally how we conduct ourselves in our engagement with third parties such as law enforcement authorities.  We also think that an important part of being fully transparent is being rigorously consistent and anticipating future circumstances, so our users not only know how we have behaved in the past, but are able to anticipate with reasonable certainty how we will act in the future, even in difficult cases.

As part of that effort, we have set forth certain ‘warrant canaries’ – statements of things we have never done as a company. As described in greater detail below, the report published today adds three new ‘warrant canaries’, which is the first time we’ve added to that list since 2013. The transparency report is also distinguished because it adds new reporting on requests for user information from foreign law enforcement, and requests for user information that we

BrandPost: Silver Peak Powers an SD-WAN Telemedicine Backpack

The software-defined wide-area networking (SD-WAN) revolution knows no boundaries. Now the technology has found its way into a telemedicine backpack that can deliver real-time communications between doctors and first responders on scene in the field.

Telemedicine pioneer swyMed, based in Lexington, Mass., offers a high-performance telemedicine backpack called the DOT — Doctors on Tap — which enables reliable, real-time video communications powered by the Silver Peak Unity EdgeConnect™ SD-WAN edge platform that can improve the performance of existing wireless network communications and connect even at long distances from wireless towers.

To Code Or Not To Code: Expression & Symbiosis

There is still an ongoing debate over the need for network engineers to pick up some software skills. Everything network engineers touch in more recent times has some programmatic means of control and these interfaces can be used to scale out engineer workflows or for abstract systems to drive. The bottom up view is to write scripts or use tools like Terraform or Ansible to use them. In engineer driven workflows, I see regular usage of Salt Stack as an abstraction layer over the top of a target group of devices to do very human tasks with! The latter use case is interesting because it follows a very basic system rule of high gain from abstraction. In this instance, the programmatic interfaces are used to amplify human capabilities. If that’s the bottom up view, the top down view is to embrace the world of RPA (Robotic Process Automation). We’ve been calling this "big button" automation for years now and we can view this as human driven tasks, mechanised to run on a platform or framework. It’s a case of "Back to the Future" and it comes straight out the 1970s.

When a network engineer goes on a Python course to

Last Week on ipSpace.net (2019W8)

We started the Spring 2019 Building Network Automation Solutions course on Tuesday with building virtual labs presentation by one-and-only Matt Oswalt of the NRE Labs fame, and finished the AWS Networking Deep Dive saga on Thursday with an overview of AWS load balancing mechanisms, from elastic load balancing (CLB/NLB/ALB) to DNS-based load balancing, CloudFront and Global Accelerator… and figured out how Amazon reinvented VRFs and hub-and-spoke VPNs with Transit gateways.

The AWS Networking Deep Dive webinar is part of the standard ipSpace.net subscription. You can access Matt’s presentation and all other materials of the Building Network Automation Solutions online course with Expert Subscription (assuming you choose this course as part of your subscription).

RIRs enhance support for routing security

BGP hijacking and route leaks represent significant problems in the global Internet routing systems, along with source address spoofing. BGP hijacks are where allocated or unallocated address space is announced by entities who are not holders and are not authorized to use it.

The announcement of allocated address space often creates big news, such as when 53 route prefixes of Amazon were hijacked, but the announcement of unallocated address space (whether IPv4, IPv6 or AS numbers), also known as ‘bogons’, often does not generate much publicity as it does not cause immediate disruptions to service or business. With depletion of the IPv4 address space, though, the announcement of bogons is on the rise, with miscreants scraping the unallocated address space from all RIRs and abusing it.

Resource Public Key Infrastructure (RPKI) was therefore developed to try to solve these problems, and APNIC (the Regional Internet Registry for the Asia-Pacific region) recently announced it will honour the creation of AS0 ROA objects. They join ARIN, AfriNIC and the RIPE NCC in supporting AS0 ROA objects, with only LACNIC yet to implement this.

APNIC members can create AS0 ROAs for the prefixes they manage using the MyAPNIC platform.

Cloudflare’s RPKI Toolkit

A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure. Our mission is to build a safer Internet. We want to make it easier for network operators to deploy RPKI.

Today’s article is going to cover our experience and the tools we are using. As a brief reminder, RPKI is a framework that allows networks to deploy route filtering using cryptographically validated information. Picture TLS certificates for IP addresses and Autonomous System Numbers (ASNs).

What it means for you:

We validate our IP routes. This means, as a 1.1.1.1 DNS resolver user, you are less likely to be a victim of cache poisoning.

We signed our IP routes. This means users browsing the websites on Cloudflare’s network are unlikely to experience route hijacks.

All our Points of Presence which have a router compatible with The Resource Public Key Infrastructure (RPKI) to Router Protocol (RTR protocol) are connected to our custom software called GoRTR and are now filtering invalid routes. The deployment amounts to around 70% of our network.

We received many questions regarding the amount of invalid