Archive

Category Archives for "Russ White"

Nonblocking versus Noncontending

“We use a nonblocking fabric…”

Probably not. Nonblocking is a word that is thrown around a lot, particularly in the world of spine and leaf fabric design—but, just like calling a Clos a spine and leaf, we tend to misuse the word nonblocking in ways that are unhelpful. Hence, it is time for a short explanation of the two concepts that might help clear up the confusion. To get there, we need a network—preferably a spine and leaf like the one shown below.

Based on the design of this fabric, is it nonblocking? It would certainly seem so at first blush. Assume every link is 10g, just to make the math easy, and ignore the ToR to server links, as these are not technically a part of the fabric itself. Assume the following four 10g flows are set up—

  • B through [X1,Y1,Z2] towards A
  • C through [X1,Y2,Z2] towards A
  • D through [X1,Y3,Z2] towards A
  • E through [X1,Y4,Z2] towards A

As there are four different paths between these four servers (B through E) and Z2, which serves as the ToR for A, all 40g of traffic can be delivered through the fabric without dropping or queuing a single packet (assuming, of Continue reading

Worth Reading: Processing Logs in Real Time with Naiad

You have lots of components in your datacenter producing logs (about 13,000 service instances in the datacenter logs studied for this paper). The authors assume a unique Id is assigned to every request entering the system, and that this is propagated on service requests, leading to log records with metadata such as… —The Morning Paper

The post Worth Reading: Processing Logs in Real Time with Naiad appeared first on rule 11 reader.

Worth Reading: Connecting Nepal

In 1997, we finally got the Internet in Nepal. Unfortunately, it was only available in the capital, Kathmandu, which is very far from my village of Nangi. But almost immediately, I started thinking of ways we could get Nangi online. I was already familiar with the Internet from studying in the United States, and I had a lot of ideas about how being online could improve life in Nangi. —The Internet Society

The post Worth Reading: Connecting Nepal appeared first on rule 11 reader.

The 40 hour work week

Before 1900 the average American worker worked more than 60 hours a week. A standard schedule was ten-hour days, six days a week. The only structural limits to working were lighting and religion. You stopped working when it was too dark to see or to go to church. It was exhausting. It was often fatal. —Collaborative Fund

The 40 hour work week is foremost a result of the physical limits of the human body—but we often fail to take into account the mental limits, as well. Why was working for more than 40 hours a week on a railroad dangerous? It was not just because people were physically tired, but also because they were mentally tired. The resulting discussion among coders has been rampant and widespread (see, for instance, here).

First, the focus on time and the length of the work week may be a little misdirected. We are still a world focused on physical presence as a proxy for accomplishing work. I know a lot of companies prefer to have people in the office—ironically, this is a big deal with most of the companies in the world that aim to bring networks, and network based services, to the masses. Continue reading

Worth Reading: pbgpp

pbgpp allows network operators to apply a wide range of filters, either on network layer (src IP, dst IP), but foremost BGP fields — for example, prefix, communities, or next hop. Filters are applied in two steps, improving analysis performance. Before parsing the BGP-specific fields in the captured packet, lower-layer packet header field filters (IP or MAC source or destination) are applied. Thus, we do not parse all packets, but only the matching ones. BGP-specific filters are applied subsequently after parsing. —APNIC

The post Worth Reading: pbgpp appeared first on rule 11 reader.

Worth Reading: Good Samaritans with network visibility

In a big open office 30 feet from me, a team of US Veterans speak intently on the phone to businesses large and small, issuing urgent warnings of specific cyber security threats. They call to get stubborn, confused people to take down hidden ransomware distribution sites. They call with bad news that a specific computer at the business has malware that steals login credentials. They call with good news — you can beat the bad guys this time by not sending the money — minutes before an email arrives to the business with fraudulent wire transfer instructions. —CircleID

The post Worth Reading: Good Samaritans with network visibility appeared first on rule 11 reader.

OneLogin and Password Managers

An interesting incident this last week brings password managers back to the front of the pile—

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data. —Krebs on Security

I used to use LastPass, but moved off of their product/service when LogMeIn bought them—my previous encounters with LogMeIn have all been negative, and I have no intention of using their service again in any form. During that move, I decided it was important to make another decision about the tradeoff between an online (cloud based) password manager, or one that keeps information in a local file. The key problem with cloud based services of this kind are they paint a huge target onto your passwords. The counter argument is that such cloud based services are more likely to protect your passwords than you are, because they focus their time and energy on doing so.

First lesson: moving to a cloud based application does not mean moving to a situation where the cloud provider actually knows what you are storing, nor how to access Continue reading

Open Networking for Large-Scale Networks

Shawn Zandi and I recently recorded a new webinar for Ivan over at ipspace.net around open source and disaggregated networking. If you have ever wanted to find out about these topics, this webinar is a great place to start in understanding what options are available, and how easy/hard it is to get this kind of thing running.

The webinar is available here.

The post Open Networking for Large-Scale Networks appeared first on rule 11 reader.

Worth Reading: WannaCry and Vulnerabilities

All software contains bugs or errors in the code. Some of these bugs have security implications, granting an attacker unauthorized access to or control of a computer. These vulnerabilities are rampant in the software we all use. A piece of software as large and complex as Microsoft Windows will contain hundreds of them, maybe more. These vulnerabilities have obvious criminal uses that can be neutralized if patched. Modern software is patched all the time — either on a fixed schedule, such as once a month with Microsoft, or whenever required, as with the Chrome browser. —Schneier on Security

The post Worth Reading: WannaCry and Vulnerabilities appeared first on rule 11 reader.

Ethereum: The “Next New Internet?”

According to this article, we now have a new Internet being developed: Ethereum (thanks to Chase Mitchell, one of my regular readers, for pointing this new development out). In fact, it’s called “web 3.0,” in a bid to become “The Next New Internet.” Given I tend to be a little concerned about the future of the Internet, I thought I’d look into this new one a bit to discover what it’s all about… Pardon the length of the ensuing investigation.

To begin to understand Ethereum, you have to understand block chainsbecause Ethereum is a type of block chain. To understand block chains, you must begin with the hash. A has is a simple concept that is actually quite difficult to implement in a useful way: a hash takes any a string of numbers of any size and returns a fixed length number, or hash, that (more or less) uniquely represents the original string. The simple to implement part is this—one rather naive hash is it simply add the numbers in a set of numbers until you reach a single digit, calling the result the hash. For instance…

23523
2 + 3 + 5 + 2 + 3 ==  Continue reading

Worth Reading: Tainted Leaks

This report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims. We name this technique “tainted leaks.” The report illustrates how the twin strategies of phishing and tainted leaks are sometimes used in combination to infiltrate civil society targets, and to seed mistrust and disinformation. It also illustrates how domestic considerations, specifically concerns about regime security, can motivate espionage operations, particularly those targeting civil society. —Citizen Lab

The post Worth Reading: Tainted Leaks appeared first on rule 11 reader.

1 89 90 91 92 93 164