I mentioned Multipath TCP (MP-TCP) numerous times in the past but I never managed to get beyond “this is the thing that might solve some TCP multihoming challenges” We fixed this omission in Episode 100 of Software Gone Wild with Christoph Paasch (software engineer @ Apple) and Mat Martineau from Open Source Technology Center @ Intel.
Read more ...
Let’s look at what’s happening in the Internet Engineering Task Force (IETF) and the upcoming IETF 104 meeting in the area of Internet infrastructure resilience. As usual, my focus here is primarily on the routing and forwarding planes, and specifically routing security and unwanted traffic of Distributed Denial of Service Attacks (DDoS) attacks. There’s interesting and important work underway at the IETF that can help addressing problems in both areas.
This time there are a lot of new ideas, especially of an operational nature, that people bring to the IETF in the form of Internet Drafts that aim to improve the security and resilience of the Internet infrastructure. So I’d like to introduce some of them to you, but keep in mind that an Internet Draft (I-D) does not necessarily indicate IETF endorsement. It also does not constitute a standard and may even not result in any work at the IETF.
So let’s look at what’s happening in BGP land.
In the recent paper “BGP Communities: Even more Worms in the Routing Can“, the authors demonstrated that Border Gateway Protocol (BGP) communities can be exploited by remote parties to influence routing in Continue reading
Slim: OS kernel support for a low-overhead container overlay network Zhuo et al., NSDI’19
Container overlay networks rely on packet transformations, with each packet traversing the networking stack twice on its way from the sending container to the receiving container.
There are CPU, throughput, and latency overheads associated with those traversals.
In this paper, we ask whether we can design and implement a container overlay network, where packets go through the OS kernel’s network stack only once. This requires us to remove packet transformation from the overlay network’s data-plane. Instead, we implement network virtualization by manipulating connection-level metadata at connection setup time, saving CPU cycles and reducing packet latency.
Slim comes with some caveats: it requires a kernel module for secure deployment, has longer connection establishment times, doesn’t fit with packet-based network policies, and only handles TCP traffic. For UDP, ICMP, and for its own service discovery, it also relies on an existing container overlay network (Weave Net). But for longer lasting connections managed using connection-based network policies it delivers some impressive results:
At this point in the history of the IT business, it is a foregone conclusion that accelerated computing, perhaps in a more diverse manner than many of us anticipated, is the future both in the datacenter and at the edge. … “The Still Expanding Market For GPU Compute”
The Still Expanding Market For GPU Compute was written by Timothy Prickett Morgan at .
The new capability allows mobile operators to self provision for guaranteed SLAs based on latency...
The new specifications broaden support for different access technologies and NFV integration.
The CEO said that the issue for European operators in banning Huawei has less to do with security...
Korean mobile operators look set to beat Verizon by a matter of days in the race to a 5G network...
Check out our third edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend.
Sign up below to have The Serverlist sent directly to your mailbox.
Inspur set a goal to be the top server market vendor by 2023, and it’s got a plan to steal market...
MPLS core networks that use Label Distribution Protocol (LDP) are common in SP core networks and have served us well. So, the thought of pulling the guts out of the core is pretty daunting and invites the question why you would want to perform open-heart surgery on such critical infrastructure. This article attempts to explain the benefits that would accrue from such a move and gives a high-level view of a migration strategy.
Free (as in Freedom) Computer Textbook for Computer Networking
The post Computer Networks: A Systems Approach – free textbook appeared first on EtherealMind.
There are a few critical security differences between IPv4 and IPv6, including host addressing and extension headers. In today's IPv6 Buzz episode, we examine these differences, and other v6 security issues, with guest Eric Vyncke, a Distinguished Engineer at Cisco and co-author of the book "IPv6 Security."
The post IPv6 Buzz 022: Critical Security Differences Between IPv4 And IPv6 appeared first on Packet Pushers.
We’re super stoked about bringing you Workers.dev, and we’re even more stoked at every opportunity we have to dogfood Workers. Using what we create keeps us tuned in to the developer experience, which takes a good deal of guesswork out of drawing our roadmaps.
Our goal with Workers.dev is to provide a way to deploy JavaScript code to our network of 165 data centers without requiring developers to register a domain with Cloudflare first. While we gear up for general availability, we wanted to provide users an opportunity to reserve their favorite subdomain in a fair and consistent way, so we built a system to allow visitors to reserve a subdomain where their Workers will live once Workers.dev is released. This is the story of how we wrote the system backing that submission process.
Of course, we always want to use the best tool for the job, so designing the Workers that would back Workers.dev started with an inventory of constraints and user experience expectations:
Schrödinger’s cat or stone soup, pick your favorite ONAP analogy.
Looking at the marketing landscape for IT, you could be forgiven for thinking that the current strategy was to dynamite a word factory and use the resulting debris as marketing content. DevSecOps. NetDevOps. Ops, ops, spam, eggs, spam, and DevSpamOps.
The naming trend lends itself easily to parody, but it began as shorthand for an attempt to solve real IT problems. And its iterations have more in common than a resemblance to alphabet salad. What lies beneath the buzzwords? And do you need to care?
Countless companies have jumped on the NetDevOps bandwagon, all with their own way of doing things; and most are utterly incompatible with everyone else. Some may have already abandoned the NetDevOps craze, believing it to be nothing but marketing hype wrapped around a YAML parser and some scripts. Others might have found a system that works for them and swear by it, using nothing else for provisioning.
Regardless of views, a system that allows for rapid provisioning and re-provisioning of applications, containers, virtual machines, and network infrastructure is paramount.
The modern era of namesmashing started with DevOps. This made a sort of sense because, before this, IT had Continue reading
It wasn’t so long ago that only supercomputing centers had to resort to fancy cooling technology to keep their systems running smoothly and at peak performance. … “Dealing With Density In The Datacenter And Beyond”
Dealing With Density In The Datacenter And Beyond was written by Michael Feldman at .