Physically man-in-the-middling an IoT device with Linux Bridge

This is a quick writeup of how I did some analysis of an IoT device (The Thing) by physically inserting a Linux box into the network path between The Thing and the network service it consumed. The approach described here involves being physically close to the target system, but it should work equally well anywhere there's an Ethernet link along the path between The Thing and its server.


First, the topology: The Thing is attached to an Ethernet switch and is part of the 192.168.1.0/24 subnet. We'll be physically inserting ourselves into the path of the red cable in this diagram.

Initial setup

The first step is to get a dual-homed Linux box into the path. I used an Ubuntu 18.04 machine with the following netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
      eth0:
        dhcp4: no
      eth1:
        dhcp4: no
    bridges:
      br0:
        addresses: [192.168.1.2/24]
        gateway4: 192.168.1.1
        interfaces:
          - eth0
          - eth1


This configuration defines an internal software-based bridge for handling traffic between The Thing and the switch. Additionally, it creates an IP interface for the Linux host to communicate with neighbors attached to the bridge (everybody on 192.168.1. Continue reading

Packet and Sprint on Why Bare Metal Is the ‘Lowest-Common Denominator’

In this latest The New Stack Makers podcast, recorded live at IFX2019, Zachary Smith, CEO and co-founder of Packet, and Sprint discussed how bare metal fits into the emerging Internet of Things. The Dec. 4-5 event was Packet’s second annual vendor-neutral infrastructure conference and ran at the same time as AWS re:Invent. A metaphor Rook used to describe bare-metal deployments for Sprint, a Packet customer, came from his daughter, who had to tell her grade school class what her father did for a living: she said her father was a “machine whisperer.” The metaphor fits well because it aptly reflects what bare-metal machines “try to tell you,” Rook said. “An individual machine cannot tell you much, but what machines tell you only starts to make sense when you do two things: Number one is you start to listen to all of them at the same time, and number two is you start to learn what they tell Continue reading

This is finally the year of the ARM server

"RISC" was an important architecture from the 1980s, when CPUs had fewer than 100,000 transistors. By simplifying the instruction set, designers freed up transistors for more registers and better pipelining. It meant executing more instructions, but that was more than made up for by executing them faster.

But once CPUs exceeded a million transistors around 1995, they moved to Out-of-Order (OoO), superscalar architectures. OoO replaces RISC by decoupling the front-end instruction set from the back-end execution. A "reduced instruction set" no longer matters: the backend architecture differs little between Intel and competing RISC chips like ARM. Yet people have remained fixated on the instruction set. The reason is simply politics. Intel has been the dominant instruction set for the computers we use on servers, desktops, and laptops. Many instinctively resist whoever dominates. In addition, colleges indoctrinate students on the superiority of RISC. Much college computer science instruction is decades out of date.

For 10 years, the ignorant press has been championing the cause of ARM's RISC processors in servers. The refrain has always been that RISC has some inherent power efficiency advantage, and that ARM processors with natural power efficiency from the mobile world will be more power efficient for the data center.

Continue reading

Samsung Expands 5G Footprint With Videotron

Samsung will provide massive MIMO and dual-band base stations to support the operator’s 4G LTE...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Google Transfer Service Mitigates Cloud Migration Migraines

Transfer Service aims to removes inherent complexities with large-scale data transfers and moving...

Read More »


Heavy Networking 494: Hybrid Cloud Networking – All The Details

Today's Heavy Networking drills into routing complexities and options for hybrid cloud networking. Our guest is William Collins, lead cloud architect at a large healthcare company. He shares his experiences connecting resources on premises to public cloud services. We also discuss the importance of design and governance, and why your networking skills are absolutely critical when it comes to the cloud.

The post Heavy Networking 494: Hybrid Cloud Networking – All The Details appeared first on Packet Pushers.

Amazon Leads Linux Foundation’s Edge NOS Project

DENT will use the Linux Kernel and other Linux-based projects as the basis for the open source NOS,...

Read More »


Service to service communication within GKE cluster

In my last blog, I covered options to access GKE services from the external world. In this blog, I will cover service-to-service communication options within a GKE cluster. Specifically, I will cover the following options: Cluster IP, internal load balancer (ILB), HTTP internal load balancer, Istio, and Traffic Director. In the end, I will also compare these … Continue reading Service to service communication within GKE cluster

Ciena Chief Calls Infinera 600G Uncompetitive Amid Strong Q4

Amid double-digit growth in 2019, Ciena CEO Gary Smith says Infinera's 600G optics lack the...

Read More »


Weekly Wrap: Aviatrix CEO: SD-WAN Is Dead. AWS Killed It

SDxCentral Weekly Wrap for Dec. 13, 2019: AWS' Outposts, Wavelengths are the nail in SD-WAN's...

Read More »


Magical Mechanics

If you’re a fan of this blog, you’ve probably read my last post about the new SD-WAN magic quadrant that’s been making the rounds and generating discussion. Some people are smiling that this report places Cisco in an area other than leadership in the SD-WAN space. Others are decrying the report as being unfair and contradictory. I wanted to take another look at it given some new information and some additional thoughts on the results.

Fair and Square

The first thing I wanted to do is make sure that I was completely transparent with the way the Gartner Magic Quadrant (MQ) works. I have a very good idea thanks to a conversation with Andrew Lerner (@Fast_Lerner), who is the Research VP of Networking at Gartner. Andrew was nice enough to clarify my understanding of the MQ and accompanying documentation. I’ll quote him here to make sure I don’t get anything wrong:

In an MQ, we assess the overall vendors’ behavior and offering in the market: product, service/support, sales, marketing, innovation, etc. If a vendor has multiple products in a market and sells them regularly to the enterprise, they are part of the MQ assessment. Viable products are not Continue reading

Announcing project DENT

We are excited to announce that Cumulus is joining project DENT!

Project DENT is a huge step for the industry, taking both open networking and Linux networking forward. DENT will help grow the community of open Linux networking vendors and partners, and Cumulus Networks is pleased to be part of this project that aligns with our core values and strengths. We strongly believe in mass innovation with open Linux software, platforms and the Linux community.

Linux ecosystem players have historically benefited from mass innovation. By bringing together vendors, distributors, system integrators and users, DENT enables distributed development and support for an open Linux networking operating system for campus and remote networking. We believe this will enable networking hardware vendors to leverage the same benefits that all Linux hardware technologies do today: open Linux firmware management, platform driver infrastructure, network interface management, and the Linux tools and ecosystem.

The Cumulus Linux connection

Cumulus Linux is based on the same foundational principles as project DENT with the goal of unifying Networking across distributed systems. This unification comes from its native Linux platform and networking API. Today’s technologies powering hybrid cloud and on-prem infrastructure are distributed systems technologies. Networking is fundamental to distributed systems. Uniformity Continue reading

How do committees invent?

How do committees invent?, Conway, Datamation magazine 1968

With thanks to Chris Frost for recommending this paper – another great example of a case where we all know the law (Conway’s law in this case), but many of us have not actually read the original ideas behind it.

We’re back in 1968, a time when it was taken for granted that before building a system, it was necessary to design it. The systems under discussion are not restricted to computer systems either, by the way; one example of a system is "the public transport network." Designs are produced by people, and the set of people working on a design are part of a design organisation.

The definition of design itself is quite interesting:

That kind of intellectual activity which creates a whole from its diverse parts may be called the design of a system.

When I think about design, I more naturally think about it the other way around: how to decompose the whole into a set of parts that will work together to accomplish the system goals. But of course Conway is right that those parts do have to fit together to produce the intended Continue reading

Atlassian Forge Serves an AWS Lambda-Based Serverless Option

The platform includes Atlassian-operated compute and storage, a declarative UI language that allows...

Read More »


Cisco Paints 5G Strategy Around Optics, Packet Core

“We helped build the first version of the internet, the internet gave birth to the cloud, and now...

Read More »


How to use the Linux uniq command

In Linux, the uniq command can help find out the individual users who are logged into a given server, but it’s not a straightforward process. Yes, using the command on its own yields a list of who’s logged in, but it can list individual users more than once depending on what they’re doing. There are ways to get around this by sorting the results before passing them to uniq so that it delivers the name of each user only once. This 2-Minute Linux Tip video by Network World’s Unix as a Second Language blogger Sandra Henry Stocker shows how to do just that. To read this article in full, please click here

Five Ways to Quickly Uncover Malicious Activity and Protect Your Kubernetes Workloads

Organizations are rapidly moving more and more mission-critical applications to Kubernetes (K8s) and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies, but are struggling to achieve a strong security posture because of their inability to apply conventional security practices in the cloud environment. Commitment to cloud security grows, but security safeguards are not keeping up with the increased use of the various cloud platforms. Regardless of the cloud provider or service model, individual organizations are ultimately responsible for the security of their data.

According to a 2019 Ponemon Institute Global Cloud Data Security Study, 70 percent of respondents find it more complex to manage privacy and data protection regulations in a cloud environment than on-premises. Meanwhile, the percent of corporate data stored in the cloud environment has grown from an average of 30 percent in 2015 to an average of 48 percent in 2019. In the same study, 56 percent of respondents say the use of cloud resources increases compliance risk.

The downside associated with a security breach is severe for any organization, but especially so for companies in regulated environments like financial services, healthcare and telecommunications. Now there’s a new and highly effective way Continue reading