Worth Reading: iptables tips and tricks

The iptables userspace command-line tool builds upon this functionality to provide a powerful firewall, which you can configure by adding rules to form a firewall policy. iptables can be very daunting with its rich set of capabilities and baroque command syntax. —Gary Smith @opensource.com

Worth Reading: eVPN on the host

Virtual machines in the Linux ecosystem are mostly KVM deployments and in many cases deployed in combination with Openstack. There are different multi tenant architectures, but the most common one is to build an overlay network with VXLAN between the hypervisors. To reach resources outside the specific tenant environment, dedicated network nodes are being used. —Attilla de Groot @Cumulus

The State of IPv6 Deployment

Worth Reading: Network Troubleshooting

Approach a problem with an open mind, distill the “signal from the noise”, and test your hypothesis. A well-defined problem description is essential to moving forward towards final resolution. When a sports team wins the championship (you pick your favorite activity), it is not by accident. Behind every team is a coach, who leads by experience — with a game plan. Plans are built upon communication between team members. @IPSpace

Worth Reading: Most home routers are insecure

Research conducted by the American Consumer Institute Center for Citizen Research indicates that the routers commonly found in homes are huge security vulnerabilities for consumers and their employers. The center’s analysis shows that of 186 sampled routers, 155 (83%) were found vulnerable to potential cyberattacks. @Dark Reading

Short Take: It’s always been done that way

Worth Reading: Packet level network telemetry

Continuous monitoring is an essential part of detecting security issues, misconfiguration, equipment failure, as well as performing traffic engineering. With networks growing in size, complexity, and traffic volume, the need for continuous and precise monitoring is greater than ever before. —Oliver Michel @APNIC

Worth Reading: Who do you trust?

Trust. It’s a simple word, but I think it’s at the heart of a recent social media brouhaha surrounding Apple’s recent revelations regarding “iTunes device trust scores.” —Richard Ford @Dark Reading

Worth Reading: WiFi Rebrands

According to a Wednesday press release, the new approach will name the generations in a numerical sequence relative to new advancements in Wi-Fi technology. This will make it easier for vendors to denote which standards their devices support, for service providers to explain what their network offers, and for users to understand which products work with which standards. —Conner Forrest @Tech Republic

Column

Weekend Reads ‭188A6‬

The security skills gap is real, and it is a problem. But what if you could replace the most basic security jobs with an AI? According to Gunter Ollmann @CircleID, this is possible today. The next question you might want to ask is this: if AI’s replace all the entry level positions, then how are we going to train up senior level engineers? Remember that every hiring manager wants someone with ten years of experience on a product that has only been out for two years…

US customers pay some of the highest prices for broadband in the developed world, and broadband availability is sketchy at best for millions of Americans. But instead of tackling that problem head on, the FCC is increasingly looking the other way, relying on ISP data that paints an inaccurately rosy picture of Americans’ internet access. And as long as regulators are relying on a false picture of US broadband access, actually solving the problem may be impossible. —Karl Bode @The Verge

American businesses are in for a rude awakening. Sweeping new privacy regulations, such as the EU’s landmark GDPR law and California’s Consumer Privacy Act, along with the ongoing SEC probe of Facebook’s data Continue reading

Worth Reading: Outing your Outages

How are you supposed to handle outages? What happens when everything around you goes upside down in an instant? How much communication is “too much”? Or “not enough”? And is all of this written down now instead of being figured out when the world is on fire? —Tom @Networking Nerd

Worth Reading: How Edge Computing will Impact the Enterprise

Data published at the start of 2018 reveals a prediction that spending in the edge computing sector will grow by a compound annual growth rate of more than 30 percent through 2022. That means regardless of IT professionals’ focus and the companies they work for now, their jobs paths will inevitably feature more edge computing-related elements soon. —Kayla Matthews @Information Week

Worth Reading: WPA3 brings new authentication to wireless

WPA3 is the latest version of Wi-Fi Protected Access, a suite of protocols and technologies that provide authentication and encryption for Wi-Fi networks. WPA3, which was first announced earlier this year, is now available for inclusion in products. It brings two deployment models, personal and enterprise, along with a related security set called Easy Connect. —Curtis Franklin Jr. @Dark Reading

History of Networking: BGP Route Servers and the IXP

Worth Reading: Beyond Cookbook Mathematics

Most of you who are reading this have likely taken a calculus course or two, and probably some basic linear algebra/matrix theory (especially if you’re in computer science). You’ve been exposed to limits, differentiation, continuity, determinants, and linear maps. —Rachel Traylor @The Math Citadel

Worth Reading: Microservices and Networking

With the rise of so-called mode two applications, we see significantly different approaches to software architectures. Gartner defines mode two applications as exploratory, non-linear focused on agility and speed. In order to achieve this level of agility, the underlying architecture needs to be dramatically different. —Jeroen van Rotterdam @The New Stack

Short Take: BGP Peering Updates

Worth Reading: Measuring the KSK Roll

When viewed as a network infrastructure, looks can be very deceiving when looking at the DNS. It appears to be a simple collection of resolvers and servers. Clients pass their DNS name resolution queries to resolvers, who then identify and ask an appropriate authoritative name server to resolve the DNS name, and the result is passed back to the client. —Goeff Huston @potaroo

Worth Reading: The KSK Rollover

In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). —Adiel A. Akplogan @CircleID