Cisco taps AMD to power a hyper-dense server for data centers, edge computing

Cisco this week broadened its server family with a high-density box aimed at handling compute intensive data center workloads and distributed edge computing environments.The Cisco C-Series C4200 multinode rack server is a 2RU box comprised of the C4200 chassis and C125 server nodes which Cisco says brings up to 128% higher processor core density and 33% more memory compared to its existing two-socket UCS M5 rack servers.  The C4200 chassis can house up to four server nodes.[ Now see who's developing quantum computers.] “As computing demand shifts from large, traditional data centers to include smaller, more distributed environments at the edge, the ability to mix form factors seamlessly in ‘micro data centers,’ and to manage and automate operations from the cloud becomes vitally important,” wrote Kaustubh Das, Cisco vice president of strategy and product development, storage in its Computing Systems Product Group in a blog about the new server.To read this article in full, please click here

Link Propagation 121: All The Links Fit To Click

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we hand-select the most relevant practitioner blog posts, tech news, and product announcements. We age them in oak barrels for up to seven days and then distill them using ancient craft techniques handed down by Tim Berners-Lee. […]

Living in Times of Digital Uncertainty: Are Control and Trust Compatible?

The Cambridge Analytica data misuse is the most recent high-profile incident to impact Internet trust. Trust – or the lack thereof – is the term used to describe much of the current state of the Internet. For years now, we have been hearing about a decline in user trust because of fears of surveillance, cybercrime, data breaches, crack downs on speech, or misuse of their data.

However, recently updated data from a recently released edition of CIGI’s annual survey on Trust seems to shatter commonly-held views on the state of trust and raise some novel questions. While the survey covers a wide range of issues from privacy to e-commerce and online habits, one particular result is rather striking:

Three quarters of respondents (73%) said that they agree with the statement “overall, I trust the Internet.” Last year only 56% said that. The trust was highest in China (91%) and India (90%).

This result appears to contradict the assumption that overall trust in the Internet is diminishing.

If, indeed, there is an overall increase in trust, then the first question we should ask is: what type of trust are we talking about?

WISP Design – OSPF “Leapfrog” path for traffic engineering

Introduction

One challenge that every WISP owner or operator has faced is how to leverage unused bandwidth on a backup path to generate more revenue.

For networks that have migrated to MPLS and BGP, this is an easier problem to solve as there are tools that can be used in those protocols like communities or MPLS TE to help manage traffic and set policy.

However, many WISPs rely solely on OSPF and cost adjustment to attempt to influence traffic. Alternatively, trying to use policy routing can lead to a design that doesn’t failover or scale well.

Creating a bottleneck on a single path

WISPs that are OSPF routed will often have a primary path back to the Internet at one or more points in the network typically from a tower that aggregates multiple backhauls.

As more towers are added that rely on this path, it can create a bottleneck while other paths are unused.

ospf-leapfrog-pic1

Creating an alternate best path by leapfrogging another router

One way to solve this problem is to use VLANs to create another subnet for OSPF to form an adjacency.

By tagging the VLAN from Tower 6 through Tower 3 and into Tower 4, a new path Continue reading

WISP Design – OSPF “Leapfrog” path for traffic engineering

Introduction

One challenge that every WISP owner or operator has faced is how to leverage unused bandwidth on a backup path to generate more revenue.

For networks that have migrated to MPLS and BGP, this is an easier problem to solve as there are tools that can be used in those protocols like communities or MPLS TE to help manage traffic and set policy.

However, many WISPs rely solely on OSPF and cost adjustment to attempt to influence traffic. Alternatively, trying to use policy routing can lead to a design that doesn’t failover or scale well.

Creating a bottleneck on a single path

WISPs that are OSPF routed will often have a primary path back to the Internet at one or more points in the network typically from a tower that aggregates multiple backhauls.

As more towers are added that rely on this path, it can create a bottleneck while other paths are unused.

ospf-leapfrog-pic1

Creating an alternate best path by leapfrogging another router

One way to solve this problem is to use VLANs to create another subnet for OSPF to form an adjacency.

By tagging the VLAN from Tower 6 through Tower 3 and into Tower 4, a new path Continue reading

Show 392: Debating The Value Of Expert Certifications

On today’s Weekly Show the Packet Pushers jump on the live grenade that is the debate over the value of IT certifications.

Spurred by Greg’s blog about giving up his CCIE status, this episode looks at the value of technology certifications such as the CCIE and others.

Greg and guests Mike Fryar, Chris Kluka, and Jeremy Filliben discuss the benefits and limits of professional certifications, the differences between certifications and actual skills, whether certifications represent a standardized body of knowledge or just a set of instructions, and how the industry might better foster learning.

Sponsor: InterOptic

InterOptic offers high-performance, high-quality optics at a fraction of the cost. Find out more at InterOptic.com, and if you re attending Interop 2018 in Vegas, stop by the InterOptic booth to learn how they can help you spec the right optics for your network.

Sponsor: Cumulus Networks

The Cumulus Linux network OS is simple, open, untethered Linux that can run on more than 70 hardware platforms and help you transition from your legacy infrastructure. Cumulus Networks is Web-scale networking for the digital age. Go to cumulusnetworks.com to find out more.

Show Links:

Quitting My CCIE Status – Greg Ferro

Jeremy Filliben.com

Continue reading

Install Netmiko on Windows

Netmiko develop by kirk Byers is open source python library  based on Paramiko which simplifies SSH management to network devices .

Netmiko library  makes task to automate . Its very tedious to find out the procedure to install Netmiko in Windows enviornment.Let’s make out task simple :-

Steps:

  • Install Anaconda ( https://www.anaconda.com/download/)
  • From the Anaconda shell, run “conda install paramiko”.a
  • From the Anaconda shell, run “pip install scp”.b
  • Install git for windows (https://www.git-scm.com/downloads)
  • Clone Netmiko from Git Bash Window (https://github.com/ktbyers/netmiko).1
  • Change directory to netmiko.2
  • Run  python setup.py install from Git Bash Window3
  • Check on Python console to confirm the availabilty of paramiko and netmiko libraryresult

Its done.. Enjoy automating tasks !!!!

 

 

Install Netmiko on Windows

Netmiko develop by kirk Byers is open source python library  based on Paramiko which simplifies SSH management to network devices . Netmiko library  makes task to automate . Its very tedious to find out the procedure to install Netmiko in Windows enviornment.Let’s make out task simple :- Steps: Install Anaconda ( https://www.anaconda.com/download/) From the Anaconda […]

ForkBase: an efficient storage engine for blockchain and forkable applications

ForkBase: an efficient storage engine for blockchain and forkable applications Wang et al., arXiv’18

ForkBase is a data storage system designed to support applications that need a combination of data versioning, forking, and tamper proofing. The prime example being blockchain systems, but this could also include collaborative applications such as GoogleDocs. Today for example Ethereum and HyperLedger build their data structures directly on top of a key-value store. ForkBase seeks to push these properties down into the storage layer instead:

One direct benefit is that it reduces development efforts for applications requiring any combination of these features. Another benefit is that it helps applications generalize better by providing additional features, such as efficient historical queries, at no extra cost. Finally, the storage engine can exploit performance optimization that is hard to achieve at the application layer.

Essentially what we end up with is a key-value store with native support for versioning, forking, and tamper evidence, built on top of an underlying object storage system. At the core of ForkBase is a novel index structure called a POS-Tree (pattern-oriented-split tree).

The ForkBase stack

From the bottom-up, ForkBase comprises a chunk storage layer that performs chunking and deduplication, a Continue reading

Today we mitigated 1.1.1.1

Today we mitigated 1.1.1.1

On May 31, 2018 we had a 17 minute outage on our 1.1.1.1 resolver service; this was our doing and not the result of an attack.

Cloudflare is protected from attacks by the Gatebot DDoS mitigation pipeline. Gatebot performs hundreds of mitigations a day, shielding our infrastructure and our customers from L3/L4 and L7 attacks. Here is a chart of a count of daily Gatebot actions this year:

Today we mitigated 1.1.1.1

In the past, we have blogged about our systems:

Today, things didn't go as planned.

Gatebot

Today we mitigated 1.1.1.1

Cloudflare’s network is large, handles many different types of traffic and mitigates different types of known and not-yet-seen attacks. The Gatebot pipeline manages this complexity in three separate stages:

  • attack detection - collects live traffic measurements across the globe and detects attacks
  • reactive automation - chooses appropriate mitigations
  • mitigations - executes mitigation logic on the edge

The benign-sounding "reactive automation" part is actually the most complicated stage in the pipeline. We expected that from the start, which is why we implemented this stage using a custom Functional Reactive Programming (FRP) framework. If you want to know more about it, see the talk and the presentation.

Continue reading

AMD’s EPYC server encryption is the latest security system to fall

It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the EPYC processor. Cisco announced today plans to use EPYC in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here

AMD’s EPYC server encryption is the latest security system to fall

It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the EPYC processor. Cisco announced today plans to use EPYC in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here

AMD’s Epyc server encryption is the latest security system to fall

It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the Epyc processor. Cisco announced today plans to use Epyc in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here

Is open source software a network security risk?

Networks are changing. More and more we’re hearing terms like whitebox, britebox, disaggregation, NOS, commodity hardware and open source when we talk about the future of networking. Since you’re reading this on the Cumulus Networks blog, I’ll assume you get that and spare you a description of these terms here. If you do want a crash course on network disaggregation and how it relates to orchestration/SDN, check out my previous post on the Packet Pushers blog.

With that bit of housekeeping out of the way, let’s dig right into today’s topic: open source software security.

First, why does security matter? If you’re like most network engineers, your primary goal typically is to get bits of data from one place to another. Anything that interferes with the free flow of packets and frames is a potential problem. So the goals of security can at first appear contrary to those of the network. Raise your hand if you’ve ever been frustrated by a firewall rule or some seemingly arcane security policy!

Unfortunately, we no longer have the luxury of ignoring security. Today’s network is one of the most crucial pieces of IT infrastructure for any organization and for the economies we operate in. Continue reading

1 1,586 1,587 1,588 1,589 1,590 3,841