How to tame enterprise communications services

Communications capabilities are essential to the success of organizations everywhere. Voice, e-mail, text messaging, multimedia messaging, file sharing, streaming video, conferencing, collaboration, and more – you can’t do business without them. But as traffic volumes and the number of communications services in use continue to grow, so do the IT and operational challenges.Communications services have historically been provisioned by, and are of course still widely available from, broadband landline and wireless carriers who seek value-added revenue to offset the commodity nature of their “big dumb pipe” core businesses. But there are also numerous third-party solution suppliers, private implementations, and unified communications (UC) product and service capabilities. In addition, an increasing number of cloud-based services – many of which are often aimed squarely at consumer end-users rather than organizations – are seeing significant organizational application, and unfortunately often via backdoor or shadow-IT routes.To read this article in full, please click here

The truth about Black Friday and Cyber Monday

The truth about Black Friday and Cyber Monday

At Cloudflare we handle a lot of traffic on behalf of our customers. Something we all see and hear a lot about at this time of year are Black Friday (23 November this year) and Cyber Monday (26 November) - but just how important are these days on the Internet?

The truth about Black Friday and Cyber Monday
Black Friday by Per-Olof Forsberg, license: CC BY 2.0

To try and answer this question, we took a look at anonymised samples of HTTP requests crossing our network. First of all, let’s look at total page views from across our global network from the last few weeks and see if we can spot Black Friday and Cyber Monday:

The truth about Black Friday and Cyber Monday
All page views

So this is total page views by day (UTC) from November 19 (a week before Cyber Monday) until Monday December 3. Other than follow-the-sun fluctuations in a repeating daily pattern, each whole day is pretty similar in shape and size compared to the last. Black Friday and Cyber Monday aren’t visible in overall traffic patterns.

Get specific

We have a very diverse set of customers across 12 million domain names and not all of them are selling products or doing so directly online. To identify those websites Continue reading

How to find the correct MTU and MRU of your link

Overview

In the previous post, I talked about Network IP Fragmentation, what it is and why it’s needed (You are advised to read it before continuing). I also covered the so called PMTUD Black hole effect.

Fixing a PMTUD Black hole is a multistep process, and it starts with finding the correct MTU/MRU of your link.

Now as I’ve discussed, every path can have its own unique MTU/MRU value, but we are usually interested in the max value that is dictated by your ISP.

When you send a packet, it always routes through your ISP. Because of different protocols in place and their overheads (mostly layer 2 ones), it is common for your ISP to force MTU/MRU of less than 1500 bytes on your link.

If a packet exceeds these values, your ISP is required to send the appropriate ICMP messages either back to you (for the MTU), or to the server sending the data (for the MRU). These messages give the corresponding hosts a chance to adapt themselves to the link.

If your ISP decides to not send the required ICMP messages (or they get lost in transaction for some reason), all sorts of issues could arise. And Continue reading

A new look on your Cloudflare dashboard

A new look on your Cloudflare dashboard

Building a great customer experience is a top priority here at Cloudflare. Over the last week, we have been  slowly rolling out an improvement to our customer dashboard - specifically the zone overview page. We are now ready to share the new dashboard with everyone.

A new look on your Cloudflare dashboard
The new Cloudflare dashboard

Many of the changes you’ll notice first were driven directly by customer feedback. We’ve heard time and time again that site owners would like better visibility of their key analytics, and for it to be easier to apply certain common settings changes. This new dashboard provides both, with a snapshot of several of your key analytics, and a new toolkit area for easy access to key functions. This page has also been redesigned from top to bottom for responsiveness across various devices and screen widths.

Even more interesting is all the work under-the-hood that went into making this release and how it sets the stage for improvements to our customer experience as we look ahead to 2019. This is one of the first pieces of production Product work shipped using our new prototyping framework. We will soon be sharing details of the design systems work that underlies the new experience on Continue reading

Using the Linux ss command to examine network and socket connections

The ss (socket statistics) command provides a lot of information by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets.$ ss -s Total: 524 TCP: 8 (estab 1, closed 0, orphaned 0, timewait 0) Transport Total IP IPv6 RAW 2 1 1 UDP 7 5 2 TCP 8 6 2 INET 17 12 5 FRAG 0 0 0 Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security appliications such as nmap. TCP provides transmission control protocol and is the primary connection protocol. UDP (user datagram protocol) is similar to TCP but without the error checking. INET includes both of the above. (INET4 and INET6 can be viewed separately Continue reading

Using ss to examine network connections

The ss (socket statistics) command provides a lot of information on network activity by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets. $ ss -s Total: 524 TCP: 8 (estab 1, closed 0, orphaned 0, timewait 0) Transport Total IP IPv6 RAW 2 1 1 UDP 7 5 2 TCP 8 6 2 INET 17 12 5 FRAG 0 0 0 Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security appliications such as nmap TCP provides transmission control protocol is the primary connection protocol UDP (user datagram protocol) is similar to TCP but without the error checking INET includes both of the above (INET4 and INET6 can be Continue reading

Optimal Route Reflection: Next Hop Self

Recently, I posted a video short take I did on BGP optimal route reflection. A reader wrote in the comments to that post:

…why can’t Router set next hop self to updates to router E and avoid this suboptimal path?

To answer this question, it is best to return to the scene of the suboptimality—

To describe the problem again: A and C are sending the same route to B, which is a route reflector. B selects the best path from its perspective, which is through B, and sends this route to each of its clients. In this case, E will learn the path with a next hop of A, even though the path through C is closer from E’s perspective. In the video, I discuss several ways to solve this problem; one option I do not talk about is allowing B to set the next hop to itself. Would this work?

Before answering the question, however, it is important to make one observation: I have drawn this network with B as a router in the forwarding path. In many networks, the route reflector is a virtual machine, or a *nix host, and is not capable of forwarding the traffic Continue reading

sFlow to JSON

The latest version of sflowtool can convert sFlow datagrams into JSON, making it easy to write scripts to process the standard sFlow telemetry streaming from devices in the network.

Download and compile the latest version of sflowtool:
git clone https://github.com/sflow/sflowtool.git
cd sflowtool/
./boot.sh 
./configure 
make
sudo make install
The -J option formats the JSON output to be human readable:
$ sflowtool -J
{
 "datagramSourceIP":"10.0.0.162",
 "datagramSize":"396",
 "unixSecondsUTC":"1544241239",
 "localtime":"2018-12-07T19:53:59-0800",
 "datagramVersion":"5",
 "agentSubId":"0",
 "agent":"10.0.0.231",
 "packetSequenceNo":"1068783",
 "sysUpTime":"1338417874",
 "samplesInPacket":"2",
 "samples":[
  {
   "sampleType_tag":"0:2",
   "sampleType":"COUNTERSSAMPLE",
   "sampleSequenceNo":"148239",
   "sourceId":"0:3",
   "elements":[
    {
     "counterBlock_tag":"0:1",
     "ifIndex":"3",
     "networkType":"6",
     "ifSpeed":"1000000000",
     "ifDirection":"1",
     "ifStatus":"3",
     "ifInOctets":"4162076356",
     "ifInUcastPkts":"16312256",
     "ifInMulticastPkts":"187789",
     "ifInBroadcastPkts":"2566",
     "ifInDiscards":"0",
     "ifInErrors":"0",
     "ifInUnknownProtos":"0",
     "ifOutOctets":"2115351089",
     "ifOutUcastPkts":"7087570",
     "ifOutMulticastPkts":"4453258",
     "ifOutBroadcastPkts":"6141715",
     "ifOutDiscards":"0",
     "ifOutErrors":"0",
     "ifPromiscuousMode":"0"
    },
    {
     "counterBlock_tag":"0:2",
     "dot3StatsAlignmentErrors":"0",
     "dot3StatsFCSErrors":"0",
     "dot3StatsSingleCollisionFrames":"0",
     "dot3StatsMultipleCollisionFrames":"0",
     "dot3StatsSQETestErrors":"0",
     "dot3StatsDeferredTransmissions":"0",
     "dot3StatsLateCollisions":"0",
     "dot3StatsExcessiveCollisions":"0",
     "dot3StatsInternalMacTransmitErrors":"0",
     "dot3StatsCarrierSenseErrors":"0",
     "dot3StatsFrameTooLongs":"0",
     "dot3StatsInternalMacReceiveErrors":"0",
     "dot3StatsSymbolErrors":"0"
    }
   ]
  },
  {
   "sampleType_tag":"0:1",
   "sampleType":"FLOWSAMPLE",
   "sampleSequenceNo":"11791",
   "sourceId":"0:3",
   "meanSkipCount":"2000",
   "samplePool":"34185160",
   "dropEvents":"0",
   "inputPort":"3",
   "outputPort":"10",
   "elements":[
    {
     "flowBlock_tag":"0:1",
     "flowSampleType":"HEADER",
     "headerProtocol":"1",
     "sampledPacketSize":"102",
     "strippedBytes":"0",
     "headerLen":"104",
     "headerBytes":"0C-AE-4E-98-0B-89-05-B6-D8-D9-A2-66-80-00-54-00-00-45-08-12-04-00-04-10-4A-FB-A0-00-00-BC-A0-00-00-EF-80-00-DE-B1-E7-26-00-20-75-04-B0-C5-00-00-00-00-96-01-20-00-00-00-00-00-01-11-21-31-41-51-61-71-81-91-A1-B1-C1-D1-E1-F1-02-12-22-32-42-52-62-72-82-92-A2-B2-C2-D2-E2-F2-03-13-23-33-43-53-63-73-1A-1D-4D-76-00-00",
     "dstMAC":"0cae4e980b89",
     "srcMAC":"05b6d8d9a266",
     "IPSize":"88",
     "ip.tot_len":"84",
     "srcIP":"10.0.0.203",
     "dstIP":"10.0.0.254",
     "IPProtocol":"1",
     "IPTOS":"0",
     "IPTTL":"64",
     "IPID":"8576",
     "ICMPType":"8",
     "ICMPCode":"0"
    },
    {
     "flowBlock_tag":"0:1001",
     "extendedType":"SWITCH",
     "in_vlan":"1",
     "in_priority":"0",
     "out_vlan":"1",
     "out_priority":"0"
    }
   ]
  }
 ]
}
The output shows the JSON representation of a single sFlow datagram containing one counter sample and one flow sample.

The Continue reading
1 1,376 1,377 1,378 1,379 1,380 3,841