NetworkingNexus.net

Network Break 253: Arista CloudVision Ingests Configs From Third-Party Gear; Cisco Adds Azure To Cloud ACI

Today's Network Break discusses upgrades to Arista's CloudVision management software, a new ACI partnership between Cisco and Microsoft Azure, a Google pledge to invest in new European data centers, Amazon's pledge to be carbon-neutral by 2040, and more tech news.

The post Network Break 253: Arista CloudVision Ingests Configs From Third-Party Gear; Cisco Adds Azure To Cloud ACI appeared first on Packet Pushers.

APAC Policy Survey 2019: Consolidation in the Internet Economy

The Internet is changing. Consolidation in the Internet economy, the topic of the Global Internet Report 2019, might be the source of ongoing shifts in its underlying infrastructure and the way users engage, among many other things.

Clearly, the growing presence of big Internet platforms can benefit the user by offering seamless Internet experiences, but it could also harm innovation, competition, and the Internet’s broader architecture, says the report, which marks the start of the Internet Society’s efforts to examine this issue.

The Internet in Asia-Pacific is no exception. A few corporations – including Facebook and Tencent in social networking, Google and Baidu in search, and Amazon and Alibaba in online shopping – dominate large parts of the Internet, benefitting people while raising similar questions about what it means for the Internet’s fundamental properties.

This year’s Survey on Policy Issues in Asia-Pacific, released today, helps deepen our understanding of the role that corporations play in shaping Internet use and user experience in the region and how they may impact future innovation on the Internet.

More than 1,300 people from 39 economies in the region took our online survey when we opened it to the public in July.

The Continue reading

Juniper NXTWORK Hack-a-Thon

Over the past couple of years, Juniper has hosted a Hackathon at start of NXTWORK. This event is a great …

Continue reading →

The post Juniper NXTWORK Hack-a-Thon appeared first on Fryguy's Blog.

Cleaning up bad bots (and the climate)

From the very beginning Cloudflare has been stopping malicious bots from scraping websites, or misusing APIs. Over time we’ve improved our bot detection methods and deployed large machine learning models that are able to distinguish real traffic (be it from humans or apps) from malicious bots. We’ve also built a large catalog of good bots to detect things like helpful indexing by search engines.

But it’s not enough. Malicious bots continue to be a problem on the Internet and we’ve decided to fight back. From today customers have the option of enabling “bot fight mode” in their Cloudflare Dashboard.

Once enabled, when we detect a bad bot, we will do three things: (1) we’re going to disincentivize the bot maker economically by tarpitting them, including requiring them to solve a computationally intensive challenge that will require more of their bot’s CPU; (2) for Bandwidth Alliance partners, we’re going to hand the IP of the bot to the partner and get the bot kicked offline; and (3) we’re going to plant trees to make up for the bot’s carbon cost.

Malicious bots harm legitimate web publishers and applications, hurt hosting providers by misusing resources, and they doubly hurt the planet Continue reading

Cisco ACI – Configuring by POSTing JSON

If you are configuring Cisco ACI datacenter fabric it will sooner or later get to the point that you need to configure multiple objects inside the GUI which will, by using the click-n-click method, take a huge amount of time. While using POSTMAN to create multiple objects of the same type is the preferred method that everybody is speaking about (because you can generate REST API calls using Python or something similar), the quickest way to do it is using POST of JSON configuration file directly through the GUI. POSTing JSON config example As described above, the POST of JSON

The post Cisco ACI – Configuring by POSTing JSON appeared first on How Does Internet Work.

Infinera Unveils XR Optics, Aims To Simplify Metro Networks

The transportation methodology aims to simplify metro networks, reduce capital expenditures, and...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Just Published: Network Services Integration in EVPN Fabrics

In last week’s continuation of EVPN never-ending story Lukas Krattiger described how you could use EVPN constructs (VNIs, VRFs) to implement service insertion, and how you could combine then with policy-based routing.

TL&DW: It’s bridging and routing ;)

You’ll need Standard ipSpace Subscription to access the videos.

The secret-sharer: evaluating and testing unintended memorization in neural networks

The secret sharer: evaluating and testing unintended memorization in neural networks Carlini et al., USENIX Security Symposium 2019

This is a really important paper for anyone working with language or generative models, and just in general for anyone interested in understanding some of the broader implications and possible unintended consequences of deep learning. There’s also a lovely sense of the human drama accompanying the discoveries that just creeps through around the edges.

Disclosure of secrets is of particular concern in neural network models that classify or predict sequences of natural language text… even if sensitive or private training data text is very rare, one should assume that well-trained models have paid attention to its precise details…. The users of such models may discover— either by accident or on purpose— that entering certain text prefixes causes the models to output surprisingly revealing text completions.

Take a system trained to make predictions on a language (word or character) model – an example you’re probably familiar with is Google Smart Compose. Now feed it a prefix such as “My social security number is “. Can you guess what happens next?

As a small scale demonstration, the authors trained a model on Continue reading

DNS Resolver Centrality

Moving the DNS from the access ISP to the browser may not necessarily enhance open competition in the DNS world. In today's Internet just two browsers, Chrome and Safari dominate the browser world with an estimated 80% share of all users. If the DNS becomes a browser-specific setting, then what would that mean for the DNS resolver market? And why should we care? It would be useful to understand what is going on in the DNS today, before there has been any major shift to adopt DoH or DoT by high-use applications such as browsers. Can we measure the level of DNS centrality in the Internet today?

Welcome to Birthday Week 2019

September has always been a special month for Cloudflare. Nine years ago — on September 27th — we launched Cloudflare. And, each year since, we’ve celebrated our birthday with a week full of new products and innovations that support our mission of helping to build a better Internet.

Our mission guides everything we do. One of the most intentional words in our mission is ‘helping’. Building an Internet that can meet the world’s needs cannot be done by any one company or individual; rather, it takes a global community — from nonprofit organizations and businesses to governments and individuals — collaborating to deliver new standards, technologies, and innovations. We believe Cloudflare should be an active participant in the community and help where we can and should.

Our customers and partners are an active part of the community. I often say that customers are one of my favorite parts of my job (our team is my other favorite part). Our customers give us feedback all the time about what they'd like to see to make their Internet properties more secure, more performant and more reliable. Our partners bring forward standards to help make the Internet run more smoothly. For Birthday Week Continue reading

Kicking the Tires With the NATS Go Client

I am doing some prototyping for a project and part of this includes becoming more familiar with the NATS project, including its Go client (since all of the components in my project that will be talking to NATS are written in Go). In short, I have a bunch of little services that need to talk to each other, and a message broker like NATS fits the bill. One thing that drew me to NATS specifically is that it is unapologetically - nay, proudly - simple.

Kicking the Tires With the NATS Go Client

Worth Following: Explaining Computer Things

People who can explain complex topics in simple terms, or focus on the essentials of a particular topic are exceedingly rare… and two of the best are Randall Munroe of the XKCD fame and Julia Evans, the mastermind behind WizardZines. I loved her recent curl and git exercises, and I’m guessing a lot of people in this industry would benefit from her latest HTTP zine.

Similarly to what I did a long time ago with ipSpace.net, Julia recently decided to go all-in, leaving her job and focusing on explaining things. I hope it will work out and we’ll keep enjoying her tidbits of wisdom for years to come.

MEF19 Preview: Accelerate Your Digital Transformation

Communications leaders from around the world will gather at MEF19 to focus on accelerating the...

Read More »

Samsung introduces SSDs it claims will ‘never die’

Solid-state drives (SSDs) operate by writing to cells within the chip, and after so many writes, the cell eventually dies off and can no longer be written to. For that reason, SSDs have more actual capacity than listed. A 1TB drive, for example, has about 1.2TB of capacity, and as chips die off from repeated writes, new ones are brought online to keep the 1TB capacity.But that's for gradual wear. Sometimes SSDs just up and die completely, and without warning after a whole chip fails, not just a few cells. So Samsung is trying to address that with a new generation of SSD memory chips with a technology it calls fail-in-place (FIP).To read this article in full, please click here

Huawei Invests $1.5B in Developers, Teases AI Cloud

Huawei plans to invest $1.5 billion in developer tools and teased a bevy of AI cloud services and...

Read More »

Heavy Networking 472: Grappling With Wireless QoS

If you are deploying an enterprise QoS scheme, wireless QoS matters to you. On today's episode, we go through the basics of wireless QoS, covering some of the standards, terminology, and thinking required to get your head around how we can prioritize packets over a shared medium. Our guest is Ryan Adzima.

The post Heavy Networking 472: Grappling With Wireless QoS appeared first on Packet Pushers.

BrandPost: Sharpen Your Edge for Digital Transformation 2.0

In an age when every company is a technology business, digital transformation becomes imperative for enterprises to remain competitive. The first wave of digital transformation focused on moving workloads to the cloud. Enterprises undergoing large-scale digital transformations centralized data processing and storage by migrating entire operations to public or private cloud services. The recent influx of connected devices and the resulting data explosion is putting a strain on this model, and now companies are looking toward the next wave of transformation that will move them closer to the edge and their customers.Today, the explosion of IoT devices, autonomous vehicles, robotic systems, and other digital platforms has resulted in a deluge of data and a vast expansion at the edge of the network. This is putting a strain on the network and requires new ways of processing, analyzing, and acting on this data in real time. This intersection of new technologies and the massive amounts of data they produce put us at an inflection point when we consider the architectures that will help us manage the global economy.To read this article in full, please click here

Ansible Security Automation is our answer to the lack of integration across the IT industry

In 2019, CISOs struggle more than ever to contain and counter cyberattacks despite an apparently flourishing IT security market and hundreds of millions of dollars in venture capital fueling yearly waves of new startups. Why?

If you review the IT security landscape today, you’ll find it crowded with startups and mainstream vendors offering solutions against cybersecurity threats that have fundamentally remained unchanged for the last two decades. Yes, a small minority of those solutions focus on protecting new infrastructures and platforms (like container-based ones) and new application architecture (like serverless computing), but for the most part, the threats and attack methods against these targets have remained largely the same as in the past.

This crowded market, propelled by increasing venture capital investments, is challenging to assess, and can make it difficult for a CISO to identify and select the best possible solution to protect an enterprise IT environment. On top of this, none of the solutions on the market solve all security problems, and so the average security portfolio of a large end user organization can often comprise of dozens of products, sometimes up to 50 different vendors and overlap in multiple areas.

Despite the choices, and more than Continue reading

When TCP sockets refuse to die

While working on our Spectrum server, we noticed something weird: the TCP sockets which we thought should have been closed were lingering around. We realized we don't really understand when TCP sockets are supposed to time out!

When TCP sockets refuse to die

Image by Sergiodc2 CC BY SA 3.0

In our code, we wanted to make sure we don't hold connections to dead hosts. In our early code we naively thought enabling TCP keepalives would be enough... but it isn't. It turns out a fairly modern TCP_USER_TIMEOUT socket option is equally as important. Furthermore it interacts with TCP keepalives in subtle ways. Many people are confused by this.

In this blog post, we'll try to show how these options work. We'll show how a TCP socket can timeout during various stages of its lifetime, and how TCP keepalives and user timeout influence that. To better illustrate the internals of TCP connections, we'll mix the outputs of the tcpdump and the ss -o commands. This nicely shows the transmitted packets and the changing parameters of the TCP connections.

SYN-SENT

Let's start from the simplest case - what happens when one attempts to establish a connection to a server which discards inbound SYN packets?

$  Continue reading

« Previous 1 … 1,134 1,135 1,136 1,137 1,138 … 3,832 Next »