0

Concise Link Descriptions in netlab Topologies (Part 1)

One of the goals we’re always trying to achieve when developing netlab features is to make the lab topologies as concise as possible¹. Among other things, netlab supports numerous ways of describing links between lab devices, allowing you to be as succinct as possible.

A bit of a background first:

• In the end, netlab collects all links in the links list before starting the data transformation process.
• Every entry in the links list is a dictionary. That dictionary can contain link attributes and must contain a list of interfaces connected to the link.
• Every interface must have a node (specifying the lab device it belongs to) and could contain additional interface attributes.

0

IRP v4.2.7 has arrived: Enhanced Inbound Performance Optimization & Prefix-List-Based Statistical Models

The post IRP v4.2.7 has arrived: Enhanced Inbound Performance Optimization & Prefix-List-Based Statistical Models appeared first on Noction.

0

TikTok ban takes hold: data reveals sharp traffic decline and rapid shift to alternatives

The United States ban on TikTok went into effect on January 19, 2025, and our data showed a clear impact starting after 03:30 UTC (10:30 PM ET on January 18, 2025). The ban was part of the "Protecting Americans from Foreign Adversary Controlled Applications Act," proposed in Congress, which ordered ByteDance to divest due to alleged security concerns. The bill was signed into law by Congress and President Biden in April 2024, and was upheld by the Supreme Court.

Aggregated data from our 1.1.1.1 DNS resolver shows — as we’ve posted on X — that the TikTok shutdown in the US began to impact DNS traffic to TikTok-related domains on January 19, just after 03:30 UTC (22:30 ET on January 18). This includes DNS traffic not only for TikTok, but also for other ByteDance-owned platforms, such as the CapCut video editor. Traffic dropped by as much as 85% compared to the previous week and showed signs of further decline in the following hours.

Around that time, a message indicating the TikTok ban began appearing for US users.

Analyzing data from autonomous systems or networks, traffic from TikTok owner ByteDance’s network (AS396986) in the US Continue reading

0

From Python to Go 011. Parsing XML, JSON, And YAML Files.

Hello my friend,

This blog post is probably the first one, where we start doing more practical rather than foundational things in Python and Go (Golang). Up till now we were going through all possible data types as well as small steps how to deal with files. Today we’ll bring that all together and boost it with practical scenario of parsing data following the most popular data serialization techniques these days

Which Jobs Do Require Network Automation Skills?

For quite a while I’m trying to hire a good network automation engineer, who shall be capable to write applications in Python, which shall manage networking. The pay is good, so my understanding would be that the candidates’ level shall be good as well. My understanding is sadly far from reality as general skills in software development is poor. I was thinking multiple times, if people who passed my trainings would apply, they could have smashed it (provided they practice). Which means there are a lot of jobs out there, requiring good level of automation and software development skills. But they stay unfulfilled because there are no good candidates. It could be yours.

Boost yourself up!

We offer the following training programs Continue reading

0

phpIPAM in Docker with Nginx reverse-proxy

I have a bit of a problem with this setup serving phpIPAM via Nginx reverse proxy, so I said to share the solution which works for me here maybe will help somebody out there. I installed phpIPAM as Docker container following the instructions here: https://github.com/phpipam-docker/phpipam-docker. Using it via plain http was working OK, but I […]

<p>The post phpIPAM in Docker with Nginx reverse-proxy first appeared on IPNET.</p>

0

InfraHub Schema Library

In my previous InfraHub introductory post, we covered installation and the basics of InfraHub. In this second post, let’s explore the ‘Schema Library’ provided by OpsMill, the team behind InfraHub. As mentioned in the previous post, InfraHub doesn’t include any user-defined schemas out of the box, so we need to create our own. However, the Schema Library repository offers a collection of schemas that we can easily import into InfraHub. In this post, we’ll take a closer look at the Schema Library and how to use it.

If you are new to Infrahub and want to learn the basics of what it is and how to install it, feel free to check out my introductory post below.

Getting Started with Infrahub

If you’re in the network automation space or attended one of the last two Autocon events, you might have come across a new tool called ‘Infrahub’ from OpsMill

PacketswitchSuresh Vina

Recap on Schema

The way I think about schema is that it is a blueprint that defines the structure of your data. It specifies the nodes (like devices and interfaces), their attributes, and the relationships between them. This allows you to customize how you Continue reading

0

Hedge 255: Open Multi-perspective Issuance

One of the various attack surfaces in encryption is insuring the certificates used to share the initial set of private keys are not somehow replaced by an attacker. In systems where a single server or source is used to get the initial certificates, however, it is fairly easy for an attacker to hijack the certificate distribution process.

Henry Birge-Lee joins us on this episode of the Hedge to talk about extensions to existing certificate systems where a certificate is pulled from more than one source. You can find his article here.

download

0

HN764: Should You Pursue a Technical Leadership Role?

Do you think you have what it takes to be a manager? Should you go for it? Laura Santamaria, host of the Technically Leadership podcast, joins Ethan Banks to discuss those questions. They talk about the motivations for moving into a management role, the challenges of managing people, and the need to understand the business... Read more »

0

Public Videos: Leaf-and-Spine Fabric Design

The initial videos of the Leaf-and-Spine Fabric Architectures webinar are now public. You can watch the Leaf-and-Spine Fabric Basics, Physical Fabric Design, and Layer-3 Fabrics sections without an ipSpace.net account.

0

TSMC Can’t Be Caught Or Bought, Only Sought Or Stolen

It is not hard to figure out who is in the catbird seat in the semiconductor foundry business. …

TSMC Can’t Be Caught Or Bought, Only Sought Or Stolen was written by Timothy Prickett Morgan at The Next Platform.

0

Using NIM Guardrails To Keep Agentic AI From Jumping To Wrong Conclusions

AI agents are the latest evolution in the relatively short life span of generative AI, and while some organizations are still trying to figure out how the emerging technology fits in their operations, others are making strides into agentic AI. …

Using NIM Guardrails To Keep Agentic AI From Jumping To Wrong Conclusions was written by Jeffrey Burt at The Next Platform.

0

Can Synthetic Data Help Us Scale AI’s Data Wall?

COMMISSIONED: As with any emerging technology, implementing generative AI large language models (LLMs) isn’t easy and it’s totally fair to look side-eyed at anyone who suggests otherwise. …

Can Synthetic Data Help Us Scale AI’s Data Wall? was written by Timothy Prickett Morgan at The Next Platform.

0

N4N009: High-Speed Ethernet Lanes Explained

On today’s episode, we’re explaining high-speed Ethernet lanes at the request of listener Matthew. We cover lanes, channels, and their physical representation in networking – think actual cables. We explain both 40Gb and 100Gb technologies and compare them to Link Aggregation Control Protocol (LACP). We also have a discussion on standards and practical implications for... Read more »

0

Lab: Level-1 and Level-2 IS-IS Routing

One of the recipes for easy IS-IS deployments claims that you should use only level-2 routing (although most vendors enable level-1 and level-2 routing by default).

What does that mean, and why does it matter? You’ll find the answers in the Optimize Simple IS-IS Deployments lab exercise.

0

Securely Deploying & Running Multiple Tenants on Kubernetes

As Kubernetes becomes the backbone of modern cloud native applications, organizations increasingly seek to consolidate workloads and resources by running multiple tenants within the same Kubernetes infrastructure. These tenants could be:

• Internal teams: Departments within a company that share a Kubernetes cluster for development and production.
• External clients: SaaS providers hosting customer workloads on shared infrastructure.

While multitenancy offers cost efficiency and centralized management, it also introduces security and operational challenges:

• How do you ensure strong isolation between tenants?
• How do you manage resources and prevent one tenant from affecting another?
• How do you meet regulatory and compliance requirements?

To address these concerns, practitioners have three primary options for deploying multiple tenants securely on Kubernetes.

How to Deploy Multiple Tenants on Kubernetes

Option 1: Namespace-Based Isolation with Network Policies, RBAC and Security Controls

Namespaces are Kubernetes’ built-in mechanism for logical isolation. This approach uses:

• Namespaces: Logical boundaries for separating tenant workloads.
• RBAC (role-based access control): Restricts tenant access to their namespace and resources.
• Network policies: Controls ingress and egress traffic between pods and namespaces.
• Resource quotas: Limits CPU, memory and other resources to prevent noisy neighbors.

Advantages:

• Cost-effective: Tenants share the cluster infrastructure.
• Simple to manage: Centralized operations within a Continue reading

0

Red Hat Woos VMware Shops With OpenShift Virtualization Engine

Broadcom’s $61 billion acquisition of VMware in November 2023 and the subsequent changes to venerable virtualization company’s business model and pricing have rankled many long-time enterprise users, a situation that has been highly publicized despite assertions by Broadcom and VMware executives that such reports are little than FUD – short for fear, uncertainty, and doubt. …

Red Hat Woos VMware Shops With OpenShift Virtualization Engine was written by Jeffrey Burt at The Next Platform.

0

Cloud Monitoring’s Blind Spot: The User Perspective

The evolution of internet-centric application delivery has worsened IT’s visibility gaps into what impacts an end user’s experience. This problem is exacerbated when these gaps lead to negative business consequences, such as loss of revenue or lower Net Promoter Scores (NPS). The need to address this worsening visibility gap problem is reinforced by Gartner’s recent publication of its first

0

NAN082: Mastering Python One Bite at a Time

How do you master Python? One bite at a time. On today’s show we talk with Bob Belderbos, co-founder of PyBites, a community and learning platform for Python. Bob shares his philosophy for learning Python in small bites with practical exercises, hands-on learning, and daily coding for improvement. We discuss the importance of small wins,... Read more »

0

Comparing IGP and BGP Data Center Convergence

A Thought Leader¹ recently published a LinkedIn article comparing IGP and BGP convergence in data center fabrics². In it, they³ claimed that:

iBGP designs would require route reflectors and additional processing, which could result in slightly slower convergence.

Let’s see whether that claim makes any sense.

TL&DR: No. If you’re building a simple leaf-and-spine fabric, the choice of the routing protocol does not matter (but you already knew that if you read this blog).

0

Kerberos tickets on Mac OS

I’m using Mac at work and I found out that Kerberos needs sometimes a “kick” for the SSO to work properly. Sometimes after being offline the renewal of Kerberos ticket fails (especially when remote and connected via ZTA or VPN), even though everything looks alright in the “Ticket Viewer” app. Here is we where the […]

<p>The post Kerberos tickets on Mac OS first appeared on IPNET.</p>