On the ‘web: How to Bridge the Network Skills Gap

The landscape is littered with training for all these new skills, but there is little time, or guidance, through the process of retraining into these new skills. The process of retraining, far too often, feels like leaving all your old skills behind and learning completely new ones. The seeming wide array of paths the average engineer faces, combined with the uncertainty of which of these paths forward represent the real future, can seem overwhelming. @TechTarget

Worth Reading: Has monolithic gotten a bad rap?

We tend to depict the microservice and the monolith as two polar opposite styles of software architecture — the natively decomposed versus the self-contained, the fluid versus the solid, the mercurial versus the integral. —Scott M. Fulton III @The New Stack

Worth Reading: Five things to know about microservices

New architectures typically require new architectural knowledge and new ideas about how to deploy systems. The microservices pattern affects the architectures of both software and the organizations that use it. —Jonathan Owens @The New Stack

The EIGRP SIA Incident: Positive Feedback Failure in the Wild

Reading a paper to build a research post from (yes, I’ll write about the paper in question in a later post!) jogged my memory about an old case that perfectly illustrated the concept of a positive feedback loop leading to a failure. We describe positive feedback loops in Computer Networking Problems and Solutions, and in Navigating Network Complexity, but clear cut examples are hard to find in the wild. Feedback loops almost always contribute to, rather than independently cause, failures.

Many years ago, in a network far away, I was called into a case because EIGRP was failing to converge. The immediate cause was neighbor flaps, in turn caused by Stuck-In-Active (SIA) events. To resolve the situation, someone in the past had set the SIA timers really high, as in around 30 minutes or so. This is a really bad idea. The SIA timer, in EIGRP, is essentially the amount of time you are willing to allow your network to go unconverged in some specific corner cases before the protocol “does something about it.” An SIA event always represents a situation where “someone didn’t answer my query, which means I cannot stay within the state machine, so I Continue reading

Worth Reading: The role of cellular in the ‘net

The tremendous growth of the mobile Internet, with over 11 billion devices connected by 2020, and its economic implications, have motivated several reports. And yet, we still lack an understanding of the impact of cellular networks around the world. —Fabián Bustamante @APNIC

Selfie

Weekend Reads 040618: Kernel Programming, Secure Messaging, and Icebergs

Programming in user space is safer for a very small number of reasons, not the least of which is the virtual memory system, which tricks programs into believing they have full control over system memory and catches a small number of common C-language programming errors, such as touching a piece of memory that the program has no right to touch. Other reasons include the tried-and-true programming APIs that operating systems have now provided to programs for the past 30 years. All of which means programmers can possibly catch more errors before their code ships, which is great news—old news, but great news. What building code in user space does not do is solve the age-old problems of isolation, composition, and efficiency. —George V. Neville-Neil @ACM

There is no such thing as a perfect or one-size-fits-all messaging app. For users, a messenger that is reasonable for one person could be dangerous for another. And for developers, there is no single correct way to balance security features, usability, and the countless other variables that go into making a high-quality, secure communications tool. @EFF

Breaches of private information in hospital records are serious and expensive security events but remediating them can be deadly. Continue reading

Worth Reading: 1.1.1.1

Cloudflare, a well-known Internet performance and security company, announced the launch of 1.1.1.1—world’s fastest and privacy-focused secure DNS service that not only speeds up your internet connection but also makes it harder for ISPs to track your web history. —Mohit Kumar @The Hacker News

The Network Collective: MPLS Part 1

On the ‘net: Openness and Composable Systems

Openness, it seems, is “in the air.” While the Liqid folks were over at OCP, I was over at the Open Networking Summit (ONS), where I (primarily) attended the Linux Foundation (Networking), or LF(N), board meeting. What was interesting at this year’s summit is just how little the focus of open network is on bare metal routers and switches, and how much of the focus is on server-based and overlay networking. @GestaltIT

Worth Reading: Oblivious DNS

The recent news that Mozilla and Cloudflare are deploying their own DNS recursive resolver has once again raised hopes that users will enjoy improved privacy, since they can send DNS traffic encrypted to Cloudflare, rather than to their ISP. In this post, we explain why this approach only moves your private data from the ISP to (yet another) third party. —Nick Feamster @CircleID

Worth Reading: Firestopping

In reviewing mission-critical data centers under construction, both during the submittal phase and during on-site inspections, I’ve found that the single most misunderstood issue is penetration firestopping. —Dean Ventola @Data Center Journal

Reaction: The NRE as the new architect

Over at the Packet Pushers, Anthony Miloslavsky suggests that network architects have outlived their usefulness, so it is time to think of a new role. He describes a role called the “NRE” to replace the architect; the NRE would—

…spend no less than 50% of their time focusing on automation, while spending the other 50% deeply embedded in the operations/engineering/architecture realms of networking. They participate in an on-call rotation to stay in touch with the ops side of the house, with a focus on “treating operations as if it’s a software problem” in response. NREs would provide a expert big picture view of BOTH the development/automation and network operation/design sides of the house.

The author goes on to argue that we need someone who will do operations, engineering, architecture, and development because “pure architecture” folks tend to “lose touch” with the operations side of things. It is too easy to “throw a solution over the cubicle wall” without considering the implementation and operational problems. But, as a friend used to ask of everything when I was still in electronics, will it work? I suspect the answer is no for several reasons.

First, there is no such person as described, and Continue reading

Worth Reading: Disconnecting from Facebook

The smartphone has effectively transformed us into cyborgs, we have in our hands a highly efficient computing device equipped with a photo and video camera, microphone, GPS, accelerometer, gyroscope, magnetometer, light and proximity sensors, as well as other features that allow creation of increasingly useful, impressive and addictive applications. —Joao Carlos Caribe @CircleID

Worth Reading: Connectivity as a consumer service

Having Comcast et al provide Internet connectivity is like having your barber do surgery because he knows how to use a knife. I was reminded of this when my Comcast connection failed. —Bob Frankston @CircleID

On the ‘net: GPU’s and Composable Systems

Advances in computing often come from odd angles; routing and switching came out of the need to connect multiple proprietary systems in some way, locally and over long distances (hence the long standard emphasis on open standards and interoperability in the network engineering world). Another interesting development of this type is the boom in Graphic Processing Units (GPUs). @GestaltIT

Worth Reading: Latency wags the dog

The expression, the tail wags the dog, is used when a seemingly unimportant factor or infrequent event actually dominates the situation. It turns out that in modern datacenters, this is precisely the case – with relatively rare events determining overall performance. —Kevin Deierling @The Next Platform

Worth Reading: Model driven telemmetry

Telemetry is a big buzzword in the networking industry these days. As any buzzword, telemetry means different things to different people; exactly like SDN or intent-based networking (I guess this one will need its own blog entry at some point in time). —Benoit Claise

Deconfusing the Static Route

Configuring a static route is just like installing an entry directly in the routing table (or the RIB).

I have been told this many times in my work as a network engineer by operations people, coders, designers, and many other folks. The problem is that it is, in some routing table implementations, too true. To understand, it is best to take a short tour through how a typical RIB interacts with a routing protocol. Assume BGP, or IS-IS, learns about a new route that needs to be installed in the RIB:

• The RIB into which the route needs to be installed is somehow determined. This might be through some sort of special tagging, or perhaps each routing process has a separate RIB into which it is installing routes, etc.. In any case, the routing process must determine which RIB the route should be installed in.
• Look the next hop up in the RIB, to determine if it is reachable. A route cannot be installed if there is no next hop through which to forward the traffic towards the described destination.
• Call the RIB interface to install the route.

The last step results in one of two possible reactions. The first Continue reading

Worth Reading: OpenPower at the inflection point

When IBM launched the OpenPower initiative publicly five years ago, to many it seemed like a classic case of too little, too late. But hope springs eternal, particularly with a datacenter sector that is eagerly and actively seeking an alternative to the Xeon processor to curtail the hegemony that Intel has in the glass house. —Timothy Prickett Morgan @The Next Platform