Cisco IOS/XR OSPFv2 Not-So-Passive Interfaces
What’s wrong with me? Why do I have to uncover another weirdness every single time I run netlab integration tests on a new platform? Today, it’s Cisco IOS/XR (release 25.2.1) and its understanding of what “passive” means. According to the corresponding documentation, the passive interface configuration command is exactly what I understood it to be:
Use the passive command in appropriate mode to suppress the sending of OSPF protocol operation on an interface.
However, when I ran the OSPFv2 passive interface integration test with an IOS/XR container, it kept failing with neighbor is in Init state (the first and only time I ever encountered such an error after testing over two dozen platforms).
Some Game Theory On That Nvidia-Meta Platforms Partnership
When Meta Platforms does a big AI system deal with Nvidia, that usually means that some other open hardware plan that the company had can’t meet an urgent need for compute. …
Some Game Theory On That Nvidia-Meta Platforms Partnership was written by Timothy Prickett Morgan at The Next Platform.
D2DO294: AI in My Vuln Research Workflow
Kat Traxler, Principal Security Researcher at Vectra AI, returns to the podcast to discuss her AI-powered vulnerability research workflow. She explains how she uses two different AI models to act as the “blackboard” while she applies her expertise to triage AI-generated ideas to increase her productivity. She also asks a concerning question: As AI automates... Read more »Introducing NETWORKGEEKTOOLS.COM
Whether you’re a network engineer troubleshooting a routing issue at 2 AM, a sysadmin verifying DNS propagation after a migration, or a developer checking why your API endpoint isn’t reachable … Read MoreEVPN IP-VRFs on Cisco IOS/XE: Configuration Notes
Last week, I described some of the gotchas I encountered while trying to make EVPN MAC-VRFs work on Cisco IOS/XE. In the meantime, I got IP-VRFs with transit VXLAN segments working. Here are the CliffsNotes:
Starting with the disgusting configuration mechanism:
Project Calico 3.30+ Hackathon: Show Us What You Can Build!
Build the Future of Cloud-Native Networking! 
The Calico community moves fast. With the releases of Calico 3.30 and 3.31, brings improvements in scalability, network security, and visibility. Now, we want to see what YOU can do with them!
We’re excited to officially invite you to the Project Calico 3.30+ Community Hackathon.
Whether you’re a seasoned eBPF expert or a newcomer to the Gateway API, we welcome your innovation and your ideas!
Table of Contents
What’s in the Toolkit?
What’s in the Toolkit?We’ve packed Calico 3.30+ with powerful features ready for you to hack on:
Goldmane & Whisker: High-performance flow insights meets a sleek, operator-friendly UI.- Staged Policies: The “Safety First” way to test Zero Trust before enforcing it.
- Calico Ingress Gateway: Modern, Envoy-powered traffic management via the Gateway API.
- Calico Cloud Ready: Connect open-source clusters to a free-forever, read-only tier for instant visualization and troubleshooting.
- IPAM for Load Balancers: Consistent IP strategies for MetalLB and beyond.
- Advanced QoS: Fine-grained bandwidth and packet rate controls.
Goldmane & Whisker: High-performance flow insights meets a sleek, operator-friendly UI.
Inspiration: What Can You Build?
Inspiration: What Can You Build?Whether you’re a networking guru or an automation Continue reading
AI Eats The World, And Most Of Its Flash Storage
If you want to be in the DRAM and flash memory markets, you had better enjoy rollercoasters. …
AI Eats The World, And Most Of Its Flash Storage was written by Timothy Prickett Morgan at The Next Platform.
HW071: New iOS Tools for WLAN Pi
Adrian Granados joins Keith Parsons to discuss new iOS tools available for the WLAN Pi. These new tools extend a professional’s ability to run Wi-Fi scanning and analysis apps such a Wi-Fi Explorer Pi and Airtool Pi on iOS devices such as iPhones and iPads. Along with the small, portable WLAN Pi itself, these apps... Read more »PP097: How and Why to Turn the Browser into a Universal Security Agent (Sponsored)
With the rise of cloud services and SaaS, the browser has become a primary productivity tool. It’s also a primary vector for malware, phishing, identity theft, data leaks, and other risks. On today’s sponsored episode with Palo Alto Networks, we dive into browser security. We discuss risks to the browser and how they differ from... Read more »Tech Bytes: We Need More Network Engineers; Here’s Ideas to Make It Happen (Sponsored)
Where are all the network engineers? OK, obviously, there are network engineers out there, like the thousands of you listening to this podcast. But there’s an impression that the current generation is aging out of the profession while fewer young people are taking on network engineering as a career. At the same time, networks are... Read more »NB562: Cisco Challenges Broadcom With 102.4Tb ASIC; Arista Reaches Record Revenues
Take a Network Break! We start with listener follow-up on data centers in space, and sound the Red Alert about a sandbox failure in Claude Code and a rash of Microsoft zero-days. On the news front, Cisco announces a 102.4Tbps switch ASIC in its Silicon One line of homegrown chips, and adds AI agent monitoring... Read more »Worth Reading: Modern Forwarding Architectures
Ignoring the obligatory misguided mention of OpenFlow and a few other unicorns, I found this article to be a nice introduction to modern forwarding architectures, including networking infrastructure for AI clusters and distributed cell-based fabrics.
Recreating a Real-World BGP Hijack with the Kathará Network Emulator
Kathará is a container-based network emulator developed by researchers at Roma Tre University in Italy as a modern successor to the Netkit network emulator. Coincidentally, Roma Tre University is also the same organization that developed BGPlay, a tool used to investigate BGP incidents.
Kathará uses Docker containers to emulate network devices. This approach enables users to create complex network topologies comprised of dozens of routers on a modest laptop. Kathará uses simple text-based configuration files that are easy to version-control and share. It’s open source, actively maintained, and runs on Linux, Windows, and MacOS.
In this tutorial, I will use the Kathará network emulator to recreate one of the most famous BGP hijacking incidents in Internet history, the 2008 YouTube hijack. By building a small network topology and simulating a similar attack, we will learn both the fundamentals of Kathará and to gain hands-on experience with BGP security concepts.
Install Kathará
First, we will install the Kathará network emulator and test it by setting up a basic lab environment.
Install Docker
Kathará uses Docker as its container runtime. Install Docker on your Linux system using the official Docker installation guide.
After that, add your user to the docker group Continue reading
Explore Configurations of Unfamiliar Devices with netlab
Apart from IP multicast and QoS, netlab can configure commonly used networking technologies across dozens of devices from most networking vendors. Why don’t you use all that embedded knowledge (supported by hundreds of integration tests) to help you configure unfamiliar devices?
You don’t have to install VM or container managers (Vagrant/containerlab), or beg vendors to give you access to device VMs/containers, to get working device configurations. All you need is a Python package that works on Windows1, macOS, or Linux.
It’s as simple as this: