Open sourcing Pingora: our Rust framework for building programmable network services

Today, we are proud to open source Pingora, the Rust framework we have been using to build services that power a significant portion of the traffic on Cloudflare. Pingora is released under the Apache License version 2.0.

As mentioned in our previous blog post, Pingora is a Rust async multithreaded framework that assists us in constructing HTTP proxy services. Since our last blog post, Pingora has handled nearly a quadrillion Internet requests across our global network.

We are open sourcing Pingora to help build a better and more secure Internet beyond our own infrastructure. We want to provide tools, ideas, and inspiration to our customers, users, and others to build their own Internet infrastructure using a memory safe framework. Having such a framework is especially crucial given the increasing awareness of the importance of memory safety across the industry and the US government. Under this common goal, we are collaborating with the Internet Security Research Group (ISRG) Prossimo project to help advance the adoption of Pingora in the Internet’s most critical infrastructure.

In our previous blog post, we discussed why and how we built Pingora. In this one, we will talk about why and how you might Continue reading

EVPN Terminology

Reading RFCs is a great source of information for understanding all the details of a protocol. Often they do require the reader to be quite technical and the terminology can be confusing if you aren’t used to the type of language and writing style used in RFCs. In this post, I go through some of the most important terminology in EVPN and VXLAN to help you build your understanding of the different forwarding constructs and how they interact.

The picture below shows some of the most important terminology in EVPN:

Let’s go through the terms used in the diagram and some additional ones:

  • Attachment circuit – An interface that is associated with a bridge table. The AC that the packet arrived on is determined by examining the port, and optionally VLAN tag.
  • Broadcast Domain – The Broadcast domain consists of all devices and hosts that would receive a broadcast frame when sent in that domain (assuming no ARP optimization features used). This is normally a VLAN, and it normally maps to one subnet. From a VXLAN perspective, it would be a L2 VNI. An EVI may contain one or more BDs depending on service model.
  • Bridge Table – Bridge Table Continue reading

DHCP Relaying on a Linux Host

Markku Leiniö sent me an interesting observation after writing a series of DHCP-relaying-related blog posts:

I was first using VyOS, but it uses the ISC DHCP relay, and that software relays unicast packets. The DHCP procedures eventually worked fine, but getting sensible outputs and explanations was a nightmare.

I quickly reproduced the behavior, but it took me almost half a year to turn it into a blog post. Engaging in a round of yak shaving (I wanted to implement DHCP in netlab first) didn’t exactly help, either.

Open-source network simulation roundup 2024

I updated the status of the open-source network simulation and network emulation projects tracked in this blog. I found no new projects to add to my lists in 2023 or early 2024. I also did not have to delete any projects because they all seem to have an acceptable level of support in 2024.

Read the rest of this post for information about the latest open-source network simulator releases, as of the end of February, 2024.

Network Simulators

  • cnet (No links; see below.)
    • The development team is re-writing the cnet code base and the old version is no longer available to download. A new version will be released soon: in, or after, March 2024. I will update the links on my web site at that time.
  • ns-3
    • ns-3 continues to be a major, active project. The most recent release was ns-3.41 on February 9, 2024. The ns-3 source code is on GitLab.
  • OMNeT++
    • OMNeT++ also continues to be a major project that is actively maintained. Release 6.0.3 was made available on February 24, 2024. The OMNeT++ source code is on GitHub.
  • Shadow
    • Shadow is actively maintained with many fixes and features added in 2023. The Continue reading

Netflix Releases bpftop: An eBPF-Based Application Monitor

Extended Berkeley Packet Filter, eBPF to its friends, enables you to run sandboxed programs in a privileged context in the Linux kernel. Netflix has unveiled bpftop, a new open source command-line tool designed to enhance the performance optimization and monitoring of eBPF applications. As the streaming giant continues integrating eBPF technology into its infrastructure, ensuring these applications operate efficiently has become a top priority.

VXLAN Virtual Labs Have Never Been Easier

I stumbled upon an “I want to dive deep into VXLAN and plan to build a virtual lab” discussion on LinkedIn. Of course, I suggested using netlab. After all, you have to build an IP core and VLAN access networks and connect a few clients to those access networks before you can start playing with VXLAN, and those things tend to be excruciatingly dull.

Now imagine you decide to use netlab. Out of the box, you get topology management, lab orchestration, IPAM, routing protocol design (OSPF, BGP, and IS-IS), and device configurations, including IP routing and VLANs.

Human Generated Questions About AI Assistants

I’ve taken a number of briefings in the last few months that all mention how companies are starting to get into AI by building an AI virtual assistant. In theory this is the easiest entry point into the technology. Your network already has a ton of information about usage patterns and trouble spots. Network operations and engineering teams have learned over the years to read that information and provide analysis and feedback.

If marketing is to be believed, no one in the modern world has time to learn how to read all that data. Instead, AI provides a natural language way to ask simple questions and have the system provide the data back to you with proper context. It will highlight areas of concern and help you grasp what’s going on. Only you don’t need to get a CCNA to get there. Or, more likely, it’s more useful for someone on the executive team to ask questions and get answers without the need to talk to the network team.

I have some questions that I always like to ask when companies start telling me about their new AI assistant that help me understand how it’s being built.

Question 1: Laying Continue reading

Ansible Set Operations Do Not Preserve List Order

Here’s another Ansible quirk, this time caused by Python set behavior.

When I created the initial device configuration deployment playbook in netlab, I wanted to:

  • Be able to specify a list of modules to provision.
  • Provision just the modules used in the topology and specified in the list of modules.

This allows you to use netlab initial to deploy all configuration modules used in a lab topology or netlab initial -m ospf to deploy just OSPF while surviving netlab initial -m foo (which would do nothing).
