Changing Cisco IOS BGP Policies Based on IP SLA Measurements

This is a guest blog post by Philippe Jounin, Senior Network Architect at Orange Business Services.

You could use track objects in Cisco IOS to track route reachability or metric, the status of an interface, or IP SLA compliance for a long time. Initially you could use them to implement reliable static routing (or even shut down a BGP session) or trigger EEM scripts. With a bit more work (and a few more EEM scripts) you could use object tracking to create time-dependent static routes.

Cisco IOS 15 has introduced Enhanced Object Tracking that allows first-hop router protocols like VRRP or HSRP to use tracking state to modify their behavior.

Innovium Boosts Switch Chip Performance Without A Process Shrink

Bringing a new switch ASIC to market is no easy task, and it isn’t cheap, either. …

Innovium Boosts Switch Chip Performance Without A Process Shrink was written by Timothy Prickett Morgan at The Next Platform.

Not so static… Introducing the HTMLRewriter API Beta to Cloudflare Workers

Today, we’re excited to announce HTMLRewriter beta — a streaming HTML parser with an easy to use selector based JavaScript API for DOM manipulation, available in the Cloudflare Workers runtime.

For those of you who are unfamiliar, Cloudflare Workers is a lightweight serverless platform that allows developers to leverage Cloudflare’s network to augment existing applications or create entirely new ones without configuring or maintaining infrastructure.

Static Sites to Dynamic Applications

On Friday we announced Workers Sites: a static site deployment workflow built into the Wrangler CLI tool. Now, paired with the HTML Rewriter API, you can perform DOM transformations on top of your static HTML, right on the Cloudflare edge.

You could previously do this by ingesting the entire body of the response into the Worker, however, that method was prone to introducing a few issues. First, parsing a large file was bound to run into memory or CPU limits. Additionally, it would impact your TTFB as the body could no longer be streamed, and the browser would be prevented from doing any speculative parsing to load subsequent assets.

HTMLRewriter was the missing piece to having your application fully live on the edge – soup to nuts. You can Continue reading

Tech Bytes: The Value Of Software Quality With Arista Networks (Sponsored)

Tech Bytes: The Value Of Software Quality With Arista Networks (Sponsored)

Software is essential to networking and on today's Tech Bytes podcast, sponsored by Arista, we examine how software quality affects operations, upgrades, security and more. Our guest is Doug Gourlay, VP and General Manager of Cloud Networking at Arista.

The post Tech Bytes: The Value Of Software Quality With Arista Networks (Sponsored) appeared first on Packet Pushers.

Inspur Pushes Data Center AI With Latest OCP Contributions

Nokia Wields Single Carrier Terabit Connection Power

Talking 5G and the Next Big Networking Revolution with Claus Pedersen, Hewlett Packard Enterprise

IoT roundup: Security holes abound, GE Digital makes noise and more

This week, we look at IoT security holes -- both usual and unusual -- an IIoT player makes a move, and mergers and partnerships worth noting.

IoT roundup: Security holes abound, GE Digital makes noise and more

This week, we look at IoT security holes -- both usual and unusual -- an IIoT player makes a move, and mergers and partnerships worth noting.

KDDI Molds 5G Plans With Ericsson, Nokia, and Samsung

Building Your First Certified Kubernetes Cluster On-Premises, Part 1

This is the first in a series of guest blog posts by Docker Captain Ajeet Raina diving in to how to run Kubernetes on Docker Enterprise. You can follow Ajeet on Twitter @ajeetsraina and read his blog at http://www.collabnix.com. 

There are now a number of options for running certified Kubernetes in the cloud. But let’s say you’re looking to adopt and operationalize Kubernetes for production workloads on-premises. What then? For an on-premises certified Kubernetes distribution, you need an enterprise container platform that allows you to leverage your existing team and processes. 

Enter Docker Kubernetes Service

At DockerCon 2019, Docker announced the Docker Kubernetes Service (DKS). It is a certified Kubernetes distribution that is included with Docker Enterprise 3.0 and is designed to solve this fundamental challenge.

In this blog series, I’ll explain Kubernetes support and capabilities under Docker Enterprise 3.0, covering these topics:

1. Deploying certified Kubernetes Cluster using Docker Enterprise 3.0 running on a Bare Metal System
2. Support of Kubernetes on Windows Server 2019 with Docker Enterprise 3.0
3. Implementing Persistent storage for Kubernetes workload using iSCSI
4. Implementing Cluster Ingress for Kubernetes
5. Deploying Istio Service Mesh under Docker Enterprise 3.0

So About Continue reading

¡Bienvenidos a Latinflare!

Our Story

When I first began interviewing with Cloudflare in the Spring of 2019, I came across a Cloudflare blog post announcing Proudflare, the company’s LGBTQIA+ Employee Resource Group (ERG). The post gave me a clear sense of the company’s commitment to diversity and inclusion. I could tell this was a place that values and celebrates diversity, which really appealed to me as I progressed through the interview process with Cloudflare, and ultimately accepted the role.

Fast forward to my Cloudflare new hire orientation, two weeks of training and introductions at our San Francisco HQ. We learned about the various ERGs at Cloudflare including one for Latinx employees. While I had a strong desire to be part of a Latinx ERG, it was clear that the group was actually in need of someone to lead the effort and rally the troops. At Cloudflare, we have offices across the country and around the world. I wasn’t really sure how to launch an ERG that would be global in scope. After meeting with leads from other Cloudflare ERGs, understanding the landscape, and attending an external workshop, everything started to come together.

In early August, we officially gave ourselves Continue reading

How the Linux screen tool can save your tasks – and your sanity – if SSH is interrupted

If you’ve ever had to restart a time-consuming process because your SSH session was disconnected, you might be very happy to learn about an interesting tool that you can use to avoid this problem – the screen tool.Screen, which is a terminal multiplexor, allows you to run many terminal sessions within a single ssh session, detaching from them and reattaching them as needed. The process for doing this is surprising simple and involves only a handful of commands. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] To start a screen session, you simply type screen within your ssh session. You then start your long-running process, type Ctrl+A Ctrl+D to detach from the session and screen -r to reattach when the time is right.To read this article in full, please click here

How the Linux screen tool can save your tasks — and your sanity — if SSH is interrupted

If you’ve ever had to restart a time-consuming process because your SSH session was disconnected, you might be very happy to learn about an interesting tool that you can use to avoid this problem — the screen tool.Screen, which is a terminal multiplexor, allows you to run many terminal sessions within a single ssh session, detaching from them and reattaching them as needed. The process for doing this is surprising simple and involves only a handful of commands. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] To start a screen session, you simply type screen within your ssh session. You then start your long-running process, type Ctrl+A Ctrl+D to detach from the session and screen -r to reattach when the time is right.To read this article in full, please click here

The Week in Internet News: The New Internet Space Race

Broadband in space: The Associated Press, via the New York Post, has a story on the new space race involving Amazon, SpaceX, and other companies. The competition is to be first to deploy new satellite networks to provide broadband service to all corners of the Earth. Still, there are some questions about these low-Earth orbit satellites, with the multi-billion-dollar cost of deployment being the biggest concern.

Secure by algorithm: Researchers at Princeton University have developed algorithms that they say can prevent hacker attacks on power grids, DownToEarth reports. The new algorithms target power spikes that could be driven by IoT-based attacks. One algorithm would prevent connections overloading by balancing power, and the other would help grids restore their functionality after an attack.

Please help: A column at ZDNet asks network operators to using existing tools to fix security problems with the Border Gateway Protocol, which routers use to tell each other the best way to route traffic. The BGP standard includes Route Origin Authorizations (ROAs) to confirm the accuracy of routing messages, but those tools aren’t as widely deployed as they could be, the column suggests.

Lost jobs: A nearly two-month Internet shutdown in the India-controlled Kashmir region Continue reading

Junos Primary and Preferred Interface Commands

This blog post was spurred on by a recent real-world experience where I had to configure a primary IP address …

Continue reading →

The post Junos Primary and Preferred Interface Commands appeared first on Fryguy's Blog.

Recommended Networking Resources for September 2019 Third Week

There are so many good resources for Network Engineers out there. I started to share the ones I liked on beginning of this month. Click here to see previous Networking Recommended Resources. As you know, I share 5 resource every week. There are so many in my list already, I can’t wait for the next …

Continue reading "Recommended Networking Resources for September 2019 Third Week"

The post Recommended Networking Resources for September 2019 Third Week appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Networking in Public Clouds – New ipSpace.net Online Course

I have exciting news I’d love to share with you: we’re launching a new online course focused on networking in public clouds starting in February 2020 (I’ve been mulling over this idea and polishing the concept for almost 18 months, and finally it all came together ;)

With Go To The Cloud becoming the answer to all questions (regardless of what the question is), you can find tons of materials describing various aspects of public clouds, so you might wonder why I decided to enter the fray. The answer is simple: with everyone being focused on developers, there’s not much that an infrastructure engineer could use to help him survive when the developers move on and he’s left to manage whatever they put in place.

Small world with high risks: a study of security threats in the npm ecosystem

Small world with high risks: a study of security threats in the npm ecosystem Zimmermann et al., USENIX Security Symposium 2019

This is a fascinating study of the npm ecosystem, looking at the graph of maintainers and packages and its evolution over time. It’s packed with some great data, and also helps us quantify something we’ve probably all had an intuition for— the high risks involved in depending on a open and fast-moving ecosystem. One the key takeaways for me is the concentration of reach in a comparatively small number of packages and maintainers, making these both very high value targets (event-stream, it turns out, wouldn’t even have made the top-1000 in a list of ranked targets!), but also high leverage points for defence. We have to couple this of course with an exceedingly long tail.

The npm ecosystem

As the primary source of third-party JavaScript packages for the client-side, server-side, and other platforms, npm is the centrerpiece of a large and important software ecosystem.

Npm is an open ecosystem hosting a collection of over 800,000 packages as of February 2019, and it continues to grow rapidly.

To share a package on npm, a maintainer creates Continue reading