Seeking Canadian Feedback: Draft Report on Securing the Internet of Things in Canada

Trying to remove cybersecurity risks from the growing world of connected things is not an easy task. That said, there’s no time like World Consumer Rights Day to give Canada a shout-out for its global leadership in championing a safer digital future for all.

Recognizing the need to secure the Internet of Things (IoT), the Internet Society, in partnership with the Ministry of Innovation, Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), the Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE, led a voluntary multistakeholder process to develop a broad-reaching policy to ingrain security at the core of innovation in Canada.

Over the past year, we led a series of meetings with business leaders, technical experts, government representatives, civil society, and academia to discuss challenges and recommend the best ways to address them. We gathered feedback through in-person and online attendance. Collectively, these efforts, combined with well-rounded research and documentation, formed the Canadian Multistakeholder Process for Enhancing IoT Security.

Rather than a top-down, government-imposed regulatory model, our multistakeholder approach helped us balance roles and contributions among the group. By working in a way that includes feedback from all participants, we are developing IoT security…

RFC8482 – Saying goodbye to ANY

Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates the DNS ANY query type. DNS ANY was a "meta-query" - think of it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special. Unlike the standard query types, ANY didn't age well. It was hard to implement on modern DNS servers, the semantics were poorly understood by the community and it unnecessarily exposed the DNS protocol to abuse. RFC8482 allows us to clean it up - it's a good thing.

But let's rewind a bit.

Historical context

It all started in 2015, when we were looking at the code of our authoritative DNS server. The code flow was generally fine, but it was all peppered with naughty statements like this:

if qtype == "ANY" {
    // special case
}

This special code was ugly and error-prone. This got us thinking: do we really need it? "ANY" is not a popular query type - no legitimate software uses it (with the notable exception of qmail).

Image by Christopher Michel, CC BY 2.0

ANY is…

Stuff The Internet Says On Scalability For March 15th, 2019

Wake up! It's HighScalability time:

The web is 30! Some say it's not the web we wanted. But if we got that web, would it have ever grown so big? Worse usually is better.

Do you like this sort of Stuff? I'd greatly appreciate your support on Patreon. Know anyone who needs cloud? I wrote Explain the Cloud Like I'm 10 just for them. It has 40 mostly 5 star reviews. They'll learn a lot and love you even more.

  • 300%: AWS IoT growth per year; 74%: mobile games user spending in the App Store; 31.4 trillion: new record for calculating digits of pi (121 days); 112Gbps: Intel's SerDes; 100M: image and video dataset; 1.5 trillion suns: weight of the Milky Way; 300+: backdoored apps on GitHub; 10%: hacked self-driving cars needed to bring traffic to a halt; $3 million: Marriott data breach cost after insurance.

  • Quotable Quotes:
    • @kelseyhightower: Platform in a box solutions that are attempting to turn Kubernetes into a PaaS are missing the "as a service" part. It's more like PaaR: Platform as a Responsibility. Your responsibility to purchase, staff, patch, scale, and…

Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored)

On today’s sponsored Heavy Networking episode we explore how AppNeta wraps user metadata around Netflow records, deep packet inspection, and discovery of networks to help engineers get a continuous view of end user performance and the telemetry to find and fix problems.

The post Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored) appeared first on Packet Pushers.

Docker Pals Program 2019

At DockerCon Copenhagen we launched the Docker Pals program in order to connect attendees and help them make the most out of their trip. Attending a conference for the first time or by yourself can be intimidating and we don’t want anyone to feel that way at DockerCon! Pals get matched with a few others who are new (the “Pals”), and someone who knows their way around (the “Guide”) so you will have a familiar group before you arrive at the conference. Guides help Pals figure out which talks and activities to attend, and are available for questions.

This year we are excited to grow the program, matching more groups and adding Meet-and-Greets throughout the week. You won’t want to miss the best version of Docker Pals yet!

Here’s what Pals had to say about DockerCon Barcelona:

“Docker Pals made my DockerCon experience ten times better and I’ve made friends I hope to see again!”

“Our Guide was very helpful and I really enjoyed meeting other Pals at the conference.”

“[I enjoyed] the fact that even though I was there alone I always had a place to turn for help and fellowship.”

“[Our…

Unit Testing Worker Functions

If you were not aware, Cloudflare Workers lets you run JavaScript in all 165+ of our data centers. We’re delighted to see some of the creative applications of Workers. As the use cases grow in complexity, the need to sanity check your code also grows.

More specifically, if your Worker includes a number of functions, it’s important to ensure each function does what it’s intended to do in addition to ensuring the output of the entire Worker returns as expected.

In this post, we’re going to demonstrate how to unit test Cloudflare Workers, and their individual functions, with Cloudworker, created by the Dollar Shave Club engineering team.

Dollar Shave Club is a Cloudflare customer, and they created Cloudworker, a mock for the Workers runtime, for testing purposes. We’re really grateful to them for this. They were kind enough to post on our blog about it.

This post will demonstrate how to abstract away Cloudworker, and test Workers with the same syntax you write them in.

Example Script

Before we get into configuring Cloudworker, let’s introduce the simple script we are going to test against in our example. As you can see, this script contains two functions, both of…

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions, and mentioned some of the protocols that have been recently developed to improve user privacy.

To complement this, we are publishing our DNS Privacy Frequently Asked Questions (FAQ). This highlights and provides answers to the most important aspects of DNS privacy.

Please also check our DNS Privacy page for more information!

The post DNS Privacy Frequently Asked Questions (FAQ) appeared first on Internet Society.

Vrnetlab: Emulate networks using KVM and Docker

Vrnetlab, or VR Network Lab, is an open-source network emulator that runs virtual routers using KVM and Docker. It supports developers and network engineers who use continuous-integration processes for testing network provisioning changes. Researchers and engineers may also use the vrnetlab command line interface to create and modify network emulation labs in an interactive way. In this post, I review vrnetlab’s main features and show how to use it to create a simple network emulation scenario using open-source routers.

Vrnetlab implementation

Vrnetlab users create Docker images for each type of router that will run in their network. They package the router’s disk image together with KVM software, Python scripts, and any other resources required by the router into the Docker image. Vrnetlab uses KVM to create and run VMs based on router software images, and uses Docker to manage the networking between the network nodes.

Virtual nodes

Vrnetlab users create Docker images that incorporate the router’s qemu disk image, along with software packages such as qemu-kvm, and the other resources needed by the router, such as a launch script and license files. The new Docker image represents a “virtual router” that comes with all the software and…

Feedback: Data Center Interconnects Webinar

I got great feedback about the first part of the Data Center Interconnects webinar from one of the ipSpace.net subscribers:

I had no specific expectation when I started watching the material and I must have watched it 6 times by now.

Your webinar covered just the right level of detail to educate myself or refresh my knowledge on the technologies and relevant options for today’s market choices.

The information provided is powerful and avoids useless discussions with vendors and PowerPoint pitches. Once you ask the right question it’s easy to get an idea of the vendor readiness.

In the first live session we covered the easy cases: design considerations, and layer-3 interconnect with path separation (multiple routing domains). The real fun will start in the second live session on March 19th when we’ll dive into stretched VLANs and long-distance vMotion ideas.

You can attend the live session with any paid ipSpace.net subscription; details here.

Fact or Fiction? With IoT It’s Not Always Clear

Recently, owners of expensive smart shoes found themselves at loose ends. Unable to pair the shoes to their smart phone app, they couldn’t tighten their self-lacing sneakers. It sounds like science fiction, but this really happened.

From dental sensors that can monitor what a person eats to kitty litters that can track a cat’s every movement, it can be difficult to sort fact from fiction when it comes to the Internet of Things (IoT). Can you tell which is real and which is not?

Fact or Fiction? The voice came from inside the Arizona man’s home – his home security camera to be exact. “You’ve never met me. I’m just a hacker.” Fortunately, it was a friendly hacker, alerting the household to a vulnerability in their home security system.

Fact: The hacker had a solution: turn on two-factor authentication. When using IoT devices, consumers can take this simple step, plus a few others, to help protect their privacy and security.

Fact or Fiction? A couple returned home to find that their carpet had been worn through by their overzealous Internet-connected vacuum cleaner. A hacker had programmed it to clean one square foot of their carpet for several…

Exploiting commutativity for practical fast replication

Exploiting commutativity for practical fast replication, Park & Ousterhout, NSDI’19

I’m really impressed with this work. The authors give us a practical-to-implement enhancement to replication schemes (e.g., as used in primary-backup systems) that offers a significant performance boost. I’m expecting to see this picked up and rolled out in real-world systems as word spreads. At a high level, CURP works by dividing execution into periods of commutative operation, where ordering does not matter, punctuated by full syncs whenever commutativity would break.

The Consistent Unordered Replication Protocol (CURP) allows clients to replicate requests that have not yet been ordered, as long as they are commutative. This strategy allows most operations to complete in 1 RTT (the same as an unreplicated system).

When integrated with RAMCloud, write latency was improved by ~2x and write throughput by 4x, which is impressive given that RAMCloud isn’t exactly hanging around in the first place! When integrated with Redis, CURP was able to add durability and consistency while keeping similar performance to non-durable Redis.

CURP can be easily applied to most existing systems using primary-backup replication. Changes required by CURP are not intrusive, and it works with any kind of backup mechanism (e.g.,…

rbenv Install CentOS 7

rbenv is a utility for installing multiple ruby versions on a host machine. Using rbenv allows you to install ruby in a path you have ownership over so you can install gems without having to have sudo or root privileges. rbenv also allows you to target the exact ruby version in development...