Why I Bought A Meraki Camera

I recently purchased a Meraki MV 72 and wanted to share some of the logic behind why I did this. Having 4 other camera ecosystems in “production” at my home, this decision to add number 5 may defy logic for many. My thoughts around this particular investment were more about my personal learning than about function.

To provide a little background, I have a combination of various consumer and prosumer type cameras that vary in form and functionality. Every single brand (and ecosystem), while covering some functions very well, seem to leave a little to be desired. Hence the reason to buy a Meraki MV.

No–I do not expect the Meraki solution to be a perfect solution. Actually, since it is built around business use cases, it might not be as good at somethings that I find very useful. However, there is an API that I wanted to experiment with and solidify my knowledge of how I might build and extend my own ecosystem.

The deeper function of the Meraki MV API is included with MV Sense which is an add-on. Fortunately, every MV Sense organization with capable cameras comes with 10 free licenses. This requires the new generation of Continue reading

The Week in Internet News: Kentucky Broadband Program Stalls

Broadband delays: KentuckyWired, an ambitious plan to bring broadband services to underserved, rural parts of the state, is about two years behind schedule, the Courier Journal reports. As a result, the promise of new high-tech jobs has not materialized. About 405,000 residents of Kentucky have no access to wired broadband.

Cities take the lead: Meanwhile, a handful of cities in Oregon are considering municipal broadband projects, KPTV reports. Hillsboro is about to join the ranks of cities offering city-funded connectivity.

Tweets against encryption: U.S. President Donald Trump has tweeted a demand for Apple to defeat encryption on iPhones owned by criminal suspects, CNet says. Administration officials have criticized Apple for not unlocking a phone used by a dead mass shooter.

Election hacking: A security researcher has found that an election server in the U.S. state of Georgia may have been hacked in 2014, before a tight 2018 race for governor, Politico reports. If hackers did manage to breach the server, they would have “almost total control” of it, including the abilities to modify files, delete data, and install malware,” election security expert Logan Lamb said.

The cost of pulling the plug: Internet and social media shutdowns cost economies Continue reading

GPON vs. Traditional Ethernet Architecture

GPON (Gigabit Passive Optical Network) is used to reduce the number of active switching nodes in the network design. Network Design Best practice in Campus networks and many Datacenter networks (Not Massively Scale Datacenters), is to use Three-Tier; Access, Distribution and Core network design. Although the design decision depends on the scalability requirements in the Campus and DC, two layer; Access and Collapsed Distribution/Core design can be used. Below figure depicts common three tier Access, Distribution and Core design.

 

This post was first published on “Service Provider Networks Design and Architecture by Orhan Ergun” book. 

 

GPON vs Active Ethernet

Figure – GPON vs. Traditional Ethernet Architecture, Source: cisco.com

 

In Three-tier Traditional campus networks, there are active Ethernet devices used in each tier. Active means, nodes require electricity. Active Ethernet switches forward traffic based on forwarding rules. If it’s a Layer 2 network, traffic is forwarded based on Layer 2 information, if it is a Layer 3 design, traffic is forwarded based on routing protocol information.

GPON in the campus network replaces traditional three-tier design with two-tier optical network, by removing the Active access and distribution layer Ethernet switches with the ONT, Splitter and OLT devices. Although ONT Continue reading

Edge Computing Providers

Edge computing is a networking philosophy focused on bringing computing as close to the source of data as possible, in order to reduce latency and bandwidth usage. In a simpler term, edge computing means running fewer processes in the cloud and moving those processes to local places, such as on a user’s computer, an IoT device, or an edge server.

 

This post was first published in ‘ Service Provider Networks Design and Architecture by Orhan Ergun ‘ book.

Bringing computation to the network’s edge minimizes the amount of long-distance communication that has to happen between a client and server.

For Internet devices, the network edge is where the device, or the local network containing the device, communicates with the Internet. The edge may not be a clear term; for example, a user’s computer or the processor inside of an IoT camera can be considered the network edge, while the user’s router, ISP, or local edge servers are also considered the edge.

 

It is important to understand that the edge of the network is geographically close to the device, unlike origin servers and cloud servers, which can be very far from the devices they communicate with.

 

Cloud computing Continue reading

Segment Routing Workbook by Orhan Ergun

Recently I published a new book on Segment Routing.

Segment Routing have been deployed by many networks (Both Enterprises and Service Providers ) for many different use cases such as Traffic Engineering, Fast Reroute , Monitoring and so on and I believe Segment Routing will be even more popular in near future. Thus, I believe this book should be read by anyone who are interested in networking.

You can get the sample copy of the book and purchase it from here. 

This book covers both Theory and Practical aspect of Segment Routing.

Segment Routing is a technology that is gaining popularity as a way to simplify MPLS networks. It has the benefit of interfacing with Software Defined Networks and works based on Source Routing.

This Workbook will be useful for those who want to understand, deploy,  verify and troubleshoot Segment Routing Networks. This Workbook will be useful for the  CCIE and CCDE certification exams.

Book Content:

  • Segment routing fundamental and concepts
    • Segment routing introductions
    • SR and MPLS data plane
    • Segment routing global block
  • Segment routing in IGP
    • SR Control Plane overview
    • SR in OSPF
    • SR in ISIS
    • IP FRR (LFA/TI-LFA)
    • Configuration lab and troubleshooting tips
    • Segment Routing and LDP

Different wordings for the same definition/meaning in Networking

In computer network engineering almost always we use different definitions/wordings to explain same thing. In this post, I will give you some examples, please add whatever else you remember in the comment box below , we can discuss them there.

 

All below keywords explain the same thing. 

 

Let’s start with MPLS Cases :

  1. Tunnel Label , Transport Label , Transport Label , Outer Label , Topmost Label , Outmost Label : They all define PE to PE reachability in MPLS network.
  2. Ingress PE , Source PE , Headend PE , Ingress LSR , Edge LSR : Either in MPLS VPN or MPLS Traffic Engineering cases, you can see these keywords and they all define the same thing.
  3. Inner Label, VPN Label , VC (Virtual Circuit) Label , Service Label : They all define same thing which is Layer 2 VPN customer service information.

Inter Domain Routing Cases :

  1. IX (Internet Exchange) , IXP (Internet Exchange Point) , Internet Exchange , Peering Point , Exchange Point
  2. Public Peering Exchange , MLPE (Multi Lateral Peering Exchange) , Public Exchange

IOT Case:

  1. Smart Device, Smart Object , Sensors , Intelligent Object , Smart Things

Routing :

ASBR , IGW (Internet Continue reading

Early Stages of Product Decline

One of the worst things that can happen to anyone selecting equipment for a new network infrastructure is to receive the End-of-Life notice a week after the gear has been deployed in a production network… or maybe it’s even worse to be stuck with a neglected piece of technology full of bugs that the vendor never fixes because they’re chasing other shinier squirrels.

If you’re careful and watch what the vendors are doing, you might be able to save the day and identify the early phases of product decline. Here they are (as seen from the outside) in approximate order:

End of promotion opportunities. In most corporations aggressive hunters fare better than meticulous farmers, and product development is no different. As a friend of mine working for a large corporation once said “The culture here rewards launches instead of steady improvements. Like in academia, publishing a paper is valued more than running ISS”.

Read more ...

STELLA: report from the SNAFU-catchers workshop on coping with complexity

STELLA: report from the SNAFU-catchers workshop on coping with complexity, Woods 2017, Coping with Complexity workshop

“Coping with complexity” is about as good a three-word summary of the systems and software challenges facing us over the next decade as I can imagine. Today’s choice is a report from a 2017 workshop convened with that title, and recommended to me by John Allspaw – thank you John!

Workshop context

The workshop brought together about 20 experts from a variety of different companies to share and analyse the details of operational incidents (and their postmortems) that had taken place at their respective organisations. Six themes emerged from those discussions that sit at the intersection of resilience engineering and IT. These are all very much concerned with the interactions between humans and complex software systems, along the lines we examined in Ironies of Automation and Ten challenges for making automation a ‘team player’ in joint human-agent activity.

There’s a great quote on the very front page of the report that is worth the price of admission on its own:

Woods’ Theorem: As the complexity of a system increases, the accuracy of any single agent’s own model of that system decreases rapidly.

Remember Continue reading

Windows Server vulnerability disclosed by NSA; don’t wait to patch

Microsoft’s monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.To read this article in full, please click here

Windows Server vulnerability disclosed by NSA; don’t wait to patch

Microsoft’s monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.To read this article in full, please click here

Windows Server vulnerability disclosed by NSA; Don’t wait to patch

Microsoft’s monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.To read this article in full, please click here

Windows Server vulnerability disclosed by NSA; Don’t wait to patch

Microsoft’s monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.To read this article in full, please click here

Loodse Steers Telco 5G Plans Toward Kubernetes

If Kubernetes is the helmsman that steers containers, Loodse is the the captain's captain steering...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

MacOS Catalina = Windows Vista

Remember the Windows version that was so security-focused that it broke everything, and needed a gazillion changes/updates/upgrades to get back to where you had a working computer? I think it was Vista, but maybe my memory is failing me. Anyway, Apple got its Vista moment with macOS Catalina.

I was stupid enough to upgrade just before New Year, and I’m still struggling with aftereffects and skeletons falling out of every cupboard I look at. I appreciate Apple trying to make their operating system ever more secure, but breaking stuff every time I upgrade it is borderline ridiculous.

Read more ...

QFX Upgrades – Check Host Version

I came across a situation where a software upgrade failed for some members in a Juniper QFX Virtual Chassis. There is a known issue with upgrades with a certain configuration + version combination, but I thought it didn’t apply to me. Turns out that the key was the host OS version, not the Junos VM version. Your host and guest versions can be out of sync with Juniper QFX 5K devices, and this can lead to confusing behavior, especially in a virtual chassis where host OS versions might vary.

Upgrade Failures - post-install error

When upgrading an old Juniper QFX5100, you might see these messages when running the upgrade:

1
2

Error: jinstall-vjunos fails post-install
Error: jinstall-vjunos-14.1X53-D34-domestic-signed fails post-install

In my case, I saw it for some nodes in a Virtual Chassis. Some worked, some failed. KB31923 says that this error is due to this configuration:

1
2
3

# show system internet-options
tcp-drop-synfin-set;
no-tcp-reset drop-tcp-with-syn-only;

Easy enough to change:

1
2
3
4
5
6
7
8
9
10

# delete system internet-options
{master:0}[edit]
root# show |compare
[edit system]
  internet-options {
      tcp-drop-synfin-set;
     no-tcp-reset drop-tcp-with-syn-only;
 
{master:0}[edit]
root# commit

Continue reading

1 1,049 1,050 1,051 1,052 1,053 3,841