Weekly Wrap for Sept. 6, 2019: Broadcom releases new PCIe switches; VMware the butt of Nutanix CEO...
I’ve written before about rock stars and IT super heroes. We all know or have worked with someone like this in the past. Perhaps we still do have someone in the organization that fits the description. But have you ever stopped to consider how it could be our culture that breeds the very people we don’t want around?
When’s the last time you got recognition for the network operating smoothly? Unless it was in response to a huge traffic spike or an attack that tried to knock you offline, the answer is probably never or rarely. Despite the fact that networks are hard to build and even harder to operate, we rarely get recognized for keeping the lights on day after day.
It’s not all that uncommon. The accounting department doesn’t get recognized when the books are balanced. The janitorial staff doesn’t get an exceptional call out when the floors are mopped. And the electric company doesn’t get a gold star because they really did keep the lights on. All of these things are examples of expected operation. When we plug something into a power socket, we expect it to work. When we plug a router Continue reading
Today’s Network Collective Community Spotlight is highlighting Kevin Myers. Kevin is an accomplished engineer working in some of the more complicated and advanced corners of the Internet. Join us as we take a look into how Kevin got his start in networking and how he ended up working on some pretty interesting technology.
The post Community Spotlight – Kevin Myers appeared first on Network Collective.
The $1 billion agreement calls for Tech Mahindra to deliver a more advanced SDN for AT&T and...
After years of the same-old webpage template, we have updated and refined our look. I may be biased...
Once again, the world is witnessing the destructive power of a natural disaster. This time, the name is Dorian. What worries us is the fact that wind speeds reached the maximum intensity of five on the Saffir-Simpson scale, causing unprecedented damage to islands of the Bahamas. Of further concern is the fact that some Caribbean countries still have not fully recovered from 2017 storms, Irma and Maria. According to forecasts more storms can be expected as we are in the middle of the hurricane season.
The Caribbean remains vulnerable to natural disasters and this has a huge impact on the social and economic development of the region. According to Professor Jamal Saghir, former World Bank executive, and other experts, 20 percent of the Caribbean GDP is spent on natural disaster recovery. You must realize that we are talking about Small Islands Developing States (SIDS) that are already prone to all kinds of challenges due to their small economies.
Natural disasters are not going away and we can even expect them to have greater destructive power in the future. Although we cannot fight against nature, doing nothing is not an option.
At the Internet Society we work for an Continue reading
Imagine you would have a system that would read network device configurations, figure out how those devices might be connected, reverse-engineer the network topology, and be able to answer questions like “what would happen if this link fails” or “do I have fully-redundant network” or even “how will this configuration change impact my network”. Welcome to Batfish.
Interested? You’ll find more in Episode 104 of Software Gone Wild.
DDSketch: a fast and fully-mergeable quantile sketch with relative-error guarantees Masson et al., VLDB’19
Datadog handles a ton of metrics – some customers have endpoints generating over 10M points per second! For response times (latencies) reporting a simple metric such as ‘average’ is next to useless. Instead we want to understand what’s happening at different latency percentiles (e.g p99).
The ability to compute quantiles over aggregated metrics has been recognized to be an essential feature of any monitoring system… Given how expensive calculating exact quantiles can be for both storage and network bandwidth, most monitoring system will compress the data into sketches and compute approximate quantiles.
Fortunately there are plenty of quantile sketching algorithms available including the GK-sketch, the t-digest, the HDR histogram, and the Moments sketch that we looked at last year. For reasons we’ll see shortly though, none of those were good enough for Datadog, so they developed their own sketching data structure, DDSketch. Officially in the paper DDSketch stands for ‘Distributed Distribution Sketch’ but that seems a bit of a stretch… surely it’s the ‘Datadog Sketch’ ! A glance at the code repository for the Python implementation confirms my suspicion: there are several references to Continue reading
Several factors led to a softening switch market in China during the quarter, not least of which...
One of Docker’s core missions is delivering choice and flexibility across different application languages and frameworks, operating systems, and infrastructure. When it comes to modern applications, the choice of infrastructure is not just whether the application is run on-premises, on virtual machines or bare metal, or in the cloud. It can also be a choice of which architecture – x86, Arm, or GPU.
Today, we’re happy to share some updates in Docker Hub that make it easier to access multi-architecture images and scanning results through the Tag UX.
In this example, we’re looking at a listing for a Docker Official Image that supports x86, PowerPC and IBMz as listed in the labels. When you land on the image page on Docker Hub, you can quickly identify if an image supports multiple architectures in the labels underneath the image name. For further details, you can click on ‘Tags’:
In this section, you can now view the different architectures separately to easily identify the right image for the architecture you need, complete with image size and operating system information:
If you click on the digest for a particular architecture, you will now also be able to Continue reading
Its namesake cloud data integration platform aims to address variables that come with ingesting and...
AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.
So this is bad, right? Fortunately, Calico already prevents ARP spoofing out of the box. Furthermore, Calico’s design prevents other classes of spoofing attacks. In this post we’ll discuss how Calico keeps you safe from IP address spoofing, and how to go above and beyond for extra security.
ARP spoofing is an attack that allows a malicious pod or network endpoint to receive IP traffic that isn’t meant for it. Sagi’s post already describes this well, so I won’t repeat the details here. An important thing to note, however, is that ARP spoofing only works if the malicious entity and the target share the same layer 2 segment (e.g. have direct Ethernet connectivity). In Calico, the network is fully routed at layer 3, meaning that Continue reading
Fast Reroute , Fast Convergence , WRED and WFQ. You may think that why Orhan is putting all these mechanisms together. I will give you an analogy. Those who participate my talks., know that I love using analogies. Before we try to understand how these mechanisms are related with each other, let me explain what …
Continue reading "Fast Reroute, Fast Convergence, WRED and WFQ"
The post Fast Reroute, Fast Convergence, WRED and WFQ appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
best known as one of the inventors of Random Early Detection
The post Sally Floyd, Who Helped Things Run Smoothly Online, Dies at 69 – The New York Times appeared first on EtherealMind.
