Oak Island Beach

The post Oak Island Beach appeared first on 'net work.

Bluetooth Technology 101

Bluetooth is everywhere—you’ll find it in smartphones, tablets, laptops, TVs, cars, security systems, computer peripherals (mice, keyboads, headphones), smartwatches and more. A great many manufacturers in every sector of the tech industry have adopted Bluetooth for reliable and ubiquitous short-distance communication. But while most of us can decode the intricacies of a Wi-Fi connection by the standard’s nomenclature, recognition of Bluetooth capabilities usually ends with the version number. -via Tom’s Hardware

The post Bluetooth Technology 101 appeared first on 'net work.

Lawful Hacking and Continuing Vulnerabilities

Vulnerabilities are found, fixed, then published. The entire security community is able to learn from the research, and­ — more important­ — everyone is more secure as a result of the work. The FBI is doing the exact opposite. It has been given whatever vulnerability it used to get into the San Bernardino phone in secret, and it is keeping it secret. All of our iPhones remain vulnerable to this exploit. This includes the iPhones used by elected officials and federal workers and the phones used by people who protect our nation’s critical infrastructure and carry out other law enforcement duties, including lots of FBI agents. -Schneier on Security

The post Lawful Hacking and Continuing Vulnerabilities appeared first on 'net work.

Writing books still matters—reading them does, too

Ivan, over at ipspace.net, has an interesting post up on writing books —

Why would you want to write a book? If you think you’ll earn a lot of money, think twice… unless you plan to write a science fiction bestseller, Swift-for-Dummies, or 50 Shades of Something.

Several points in reply…

No, you won’t make a lot of money. Writing books for a living (in fact, writing for a living at all) has been pretty much destroyed by several factors, including the absolute dismal rate at which our culture reads (I’m considered something of a freak with my goal of reading 100 books/year; C.S. Lewis read that many in a few weeks in the hospital, across four or five languages), and the rate at which people try to “climb the author pile” by writing for free on blogs/etc.

There is one comment here that I think is really worth pointing out: To make matters worse, core networking is not exactly a popular topic (compared to Swift Programming or Introduction to IPv6)… I’ve heard this a lot in my time as an author—for instance, my books simply don’t sell as well as just about anything at the CCIE level, Continue reading

The State vs. Andrews—Privacy and secrecy are not the same

Finally, the court took on the third-party doctrine, which says that if you reveal information in order to use a company’s services — say, giving a check to a bank or dialing a phone number — it is as if the information has been revealed to the world, and the police can get the same data from the company without having to get a warrant. In short, the third-party doctrine conflates secrecy and privacy: If you didn’t keep something secret, you didn’t keep it private either. -via Just Security

The post The State vs. Andrews—Privacy and secrecy are not the same appeared first on 'net work.

Reaction: The 650 Gb/s software router

I’m forever seeing announcements like this in the software defined networking world—

The Linux-based CloudRouter Project, which is working on code for an open source virtual router, released version 3.0 this week. It adds Linux Data Plane Development Kit (DPDK) kernel enhancements and claims throughput in excess of 650 Gb/s on commodity hardware.

But you need to note one specific thing about this announcement. How did they achieve these forwarding rates? By using DPDK to offload the actual, well, forwarding to a custom ASIC on a NIC. The reality is that we’ve always done the control plane in software, and we’ve always done the forwarding in hardware. There have been precious few router platforms over the years where the forwarding plane is actually an “embedded system.”

Certainly we’re seeing a world where open source operating systems are learning to interact with commodity ASICs so it’s possible to separate the software from the hardware, and the operating system from the control plane, and this is all too the good. But if this is software defined networking, then we’ve been doing this since sometime in the 1990’s, perhaps even earlier…

Perhaps we’ve become so accustomed to considering the network operating Continue reading

Why an Open Internet Matters

As an Internet Society board member coming from the Middle East, I’m often confronted by the question of whether it is enough to have Internet access, or must we also ensure that the access is open and unrestricted. I hereby lay the case in this short article in defense of the argument that having an open Internet does matter and we ought to ensure it remains so. -via the Internet Society

The post Why an Open Internet Matters appeared first on 'net work.

Securing BGP: A Case Study (6)

In my last post on securing BGP, I said—

Here I’m going to discuss the problem of a centralized versus distributed database to carry the information needed to secure BGP. There are actually, again, two elements to this problem—a set of pure technical issues, and a set of more business related problems. The technical problems revolve around the CAP theorem, which is something that wants to be discussed in a separate post; I’ll do something on CAP in a separate post next week and link it back to this series.

The CAP theorem post referenced above is here.

Before I dive into the technical issues, I want to return to the business issues for a moment. In a call this week on the topic of BGP security, someone pointed out that there is no difference between an advertisement in BGP asserting some piece of information (reachability or connectivity, take your pick), and an advertisements outside BGP asserting this same bit of information. The point of the question is this: if I can’t trust you to advertise the right thing in one setting, then why should I trust you to advertise the right thing in another? More specifically, if you’re using Continue reading

Broken Configurations, Broken Windows

The “broken windows” theory states that small problems can become bigger ones unless dealt with quickly. The theory suggests that people infer the rules of behavior from what they observe. It suggests that working hard to clean up a neighborhood by making repairs like fixing broken windows will help to deter further vandalism. In this article, I will discuss how this theory applies to network configuration. -via Network Computing

The post Broken Configurations, Broken Windows appeared first on 'net work.

Worth Reading: Don’t ask what you can measure

One of the most striking things about the “big data” world of today is the focus on mining data over answering questions. So many projects start with asking what data is easily obtainable and which tools are most easily amenable to working with that dataset, rather than asking what question the analysis is trying to answer. The result is a landscape littered with data-intensive projects that prioritize technical prowess of execution over the robustness of the findings derived from the analysis. What does this mean for the future evolution of the field? -via Forbes

The post Worth Reading: Don’t ask what you can measure appeared first on 'net work.

The Candy Jar Effect

When I first started in Cisco TAC, as a lowly grade 3 engineer taking hardware RMA calls, I didn’t know anyone. I had just moved to North Carolina, we hadn’t found a church yet, I’m not the most social person on the face of the earth (in fact, if anything, I’m antisocial), and I was sitting in a cubicle surrounded by people who’d been working in serious networking for a lot longer than I had. Not only that, but a lot of them were a lot smarter than I was (and still are). These people were really busy; it was hard to sip from the firehose, and I really needed to find my way around. How could I go about building a network?

What to do… ??

I put a candy jar on my desk, and filled it with interesting candy. How would a candy jar work? Well, it attracted all sorts of interesting people to my desk throughout the day, and as I got to know what different people liked, it gave me an excuse to bring stuff to their desk—along with a question about a case I was working on, of course. In a sense, I learned all I Continue reading

Worth Reading: Are we headed to another bust?

I believe it is important to remember this history as we celebrate the rise of the unicorns. There are already some indications the current tech boom may be nearing its end. The media has started commenting “The signs of a new tech bubble are everywhere: easy money, widespread exuberance, hidden leverage, and mass participation by amateur investors.” What turns a bubble into a bust is a change in investors’ psychology. History tells us it does not take much for such a change to occur. The decline of stock markets around the world over the past few months suggests such a change may already be taking place. -via the Communications of the ACM

The post Worth Reading: Are we headed to another bust? appeared first on 'net work.

Worth Reading: A yot of YANG

The YANG Model Coordination Group has been spending time on the inventory of those YANG models in the industry, the tooling aspects, the help with the compilation, the training & education (NETCONF, YANG, pyang), the coordination across SDOs/opensource, the model coordination with the IETF. On the tooling front, the YANG model extraction and compilation is now integrated in the IETF draft submission tool, thanks to Henrik Levkowetz. So no more excuses for producing YANG models that don’t compile. -via the IETF blog

The post Worth Reading: A yot of YANG appeared first on 'net work.

Windows in Buenos Aires

The post Windows in Buenos Aires appeared first on 'net work.

Worth Reading: The road to 200g

The transitions from one network speed to another can be very disruptive and costly, as the move from 1 Gb/sec to 10 Gb/sec speeds was when it started out on routers in 2002 and trickled down to aggregation and top of rack switches in the following years as switch ASIC, adapter card, and transceiver costs all fell. -via The Next Platform

The post Worth Reading: The road to 200g appeared first on 'net work.

Worth Reading: The end of Moore’s Law?

Moore’s Law may be nearing its end, however. Tom Simonite at the MIT Technology Review writes that Intel has declared in a regulatory filing what insiders have suspected: The company is slowing the release of new chips in a manner that doesn’t keep pace with the law. The reason is simply that fabricating small transistors, which now are at about 14 nanometers, is increasingly difficult and costly. The insiders suspect that the end is near because the next generation, which aims at 10 nm, has already been delayed. -via IT Business Edge

The post Worth Reading: The end of Moore’s Law? appeared first on 'net work.

The CORD Architecture

Edge provider networks, supporting DSL, voice, and other services to consumers and small businesses, tend to be more heavily bound by vendor specific equipment and hardware centric standards. These networks are built around the more closed telephone standards, rather than the more open internetworking standards, and hence they tend to be more expensive to operate and manage. As one friend said about a company that supplies this equipment, “they just print money.” The large edge providers, such as AT&T and Verizon, however, are not endless pools of money. These providers are in a squeeze between the content providers, who are taking large shares of revenue, and consumers, who are always looking for a lower price option for communications and new and interesting services.

If this seems like an area that’s ripe for virtualization to you, you’re not alone. AT&T has been working on a project called CORD for a few years in this area; they published a series of papers on the topic that make for interesting reading:

• A set of slides covering the concept can be found here
• A recording of a talk on this topic can be found here
• A shorter white paper on the topic can Continue reading

Worth Reading: Yellow journalism on encryption

That’s not how encryption works. Instead, if “encryption” were the one thing the terrorists were using to hide, then you’d certainly find encrypted emails and encrypted messages — ones you couldn’t read without knowing the key. The lack of emails/messages instead hints that the terrorists were meeting in person, passing paper notes to each other, or using telepathy. All of these, even telepathy, are more likely explanation for the lack of evidence than “encryption”. It’s a typical example of yellow journalism. The public isn’t familiar with “encryption”, so it’s easy to sensationalize it, to make it seem like something sinister is going on. -via Errata Security

The post Worth Reading: Yellow journalism on encryption appeared first on 'net work.

Worth Reading: Construction zones on the Ethernet road map

There is never enough bandwidth in a datacenter that is the size of a football field and that is expected to work more or less like a single computer. While 10 Gb/sec Ethernet on the server and 40 Gb/sec Ethernet on the backbone is fine for many enterprises today, hyperscalers, cloud builders, and service providers are pushing up against these limits and crave more bandwidth. -via The Next Platform

The post Worth Reading: Construction zones on the Ethernet road map appeared first on 'net work.

Reaction: Should routing react to the data plane?

Over at Packet Pushers, there’s an interesting post asking why we don’t use actual user traffic to detect network failures, and hence to drive routing protocol convergence—or rather, asking why routing doesn’t react to the data place.

I have been looking at convergence from a user perspective, in that the real aim of convergence is to provide a stable network for the users traversing the network, or more specifically the user traffic traversing the network. As such, I found myself asking this question: “What is the minimum diameter (or radius) of a network so that the ‘loss’ of traffic from a TCP/UDP ‘stream’ seen locally would indicate a network outage FASTER than a routing update?”

This is, indeed, an interesting question—and ones that’s highly relevant in our current software defined/drive world. So why not? Let me give you two lines of thinking that might be used to answer this question.

First, let’s consider the larger problem of fast convergence. Anyone who’s spent time in any of my books, or sat through any of my presentations, should know the four steps to convergence—but just in case, let’s cover them again, using a slide from my forthcoming LiveLesson on IS-IS:

There Continue reading