Kubernetes Network Observability: Comparing Calico, Cilium, Retina, and Netobserv

Calico, Cilium, Retina, and Netobserv: Which Observability Tool is Right for Your Kubernetes Cluster? Network observability is a tale as old as the OSI model itself and anyone who has managed a network or even a Kubernetes cluster knows the feeling: a service suddenly can’t reach its dependency, a pod is mysteriously offline, and the Slack alerts start rolling in. Investigating network connectivity issues in these complex, distributed environments can be incredibly time consuming. Without the right tools, the debugging process often involves manually connecting to each node, running tcpdump on multiple machines, and piecing together logs to find the root cause. A path that often leads to frustration and extended downtime.

This is the problem that Kubernetes Network Observability was built to solve. By deploying distributed observers, these cloud-native solutions take the traditional flow entries and enrich them with Kubernetes flags and labels to allow Kubernetes users to get insight into the inner workings of their clusters.

This blog post aims to give you a rundown of the leading solutions in the CNCF ecosystem, and compare how they track a packet’s journey across your cluster.

Feature Comparison Matrix

Before diving into the specifics, let’s look at how these four Continue reading

NAN113: What Works, and What Doesn’t, in Network Automation Projects

Today we are joined by Matt Remke, who has spent years in the trenches of network automation projects as a consultant. Matt offers a unique, non-engineer perspective on scaling network automation in real-world, complex environments for some of the world’s largest companies. Matt shares what worked, what backfired, and the hard-earned lessons he has gained... Read more »

netlab 26.02: KinD support, more EVPN/VXLAN

netlab release 26.02 is out, including the usual potpourri of goodies:

  • Support for Kubernetes (KinD) clusters based on work by @wnagele
  • Layer-2 EVPN/VXLAN support on Cat8000v, IOL, and IOLL2
  • netlab graph command can create graphs from a subset of nodes or links
  • You can specify the parameters of core links in the fabric plugin
  • OSPFv3 reports

The fun part, however, are the new container configuration methods:

Read more …

PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?

Everything old is new again in today’s Packet Protector news roundup, as a decade-old Telnet exploit resurfaces, and Microsoft unfolds its roadmap to phase out the ancient NTLM protocol. In other news, Google takes down a sprawling residential proxy network, the popular Notepad++ app takes steps to recover from a serious compromise, and a Polish... Read more »

Cisco Doubles Up The Switch Bandwidth To Take On AI Scale Up And Scale Out

In the modern AI datacenter – really, a data galaxy at this point because AI processing needs have broken well beyond the bounds of a single datacenter or even multiple datacenters in a region in a few extreme cases – has two pinch points in the network.

Cisco Doubles Up The Switch Bandwidth To Take On AI Scale Up And Scale Out was written by Timothy Prickett Morgan at The Next Platform.

Multicast PIM Auto RP (V)

Multicast PIM Auto RP (V)

In the previous posts in this series, we covered the basics of multicast, IGMP, PIM Dense Mode, and PIM Sparse Mode. In the Sparse Mode post, we manually configured the RP address on every router in the network. This works fine in a small lab, but in a larger network with many routers, it becomes difficult to manage. If the RP changes, you have to update the configuration on every single router.

Multicast PIM Sparse Mode
Sparse Mode only sends traffic to parts of the network that explicitly request it. Routers with interested receivers send Join messages toward
Multicast PIM Auto RP (V)PacketswitchSuresh Vinasiththamby
Multicast PIM Auto RP (V)

AutoRP solves this problem by allowing routers to dynamically learn the RP address. Instead of manually configuring the RP on each router, you configure one or more routers to announce themselves as Candidate RPs. A separate router (or the same as the Candidate RP router) called the Mapping Agent collects these announcements and distributes the RP information to all other routers in the network. This makes RP management much easier and also provides a way to implement RP redundancy.

There are two methods to dynamically learn the RP address, which are Auto-RP and Bootstrap Router (BSR). In this Continue reading

Open-Source Network Simulators (2026 Edition)

Brian Linkletter published an updated overview of open-source network simulators and emulators.

containerlab and GNS3 are clear leaders (no surprise there) with the original vrnetlab becoming abandonware (fortunately, we have Roman Dodin’s fork), which makes me think we should focus on using netlab primarily with containerlab and slowly sunset the Vagrant support, particularly considering some people actively hate the license change.

Also, if anyone feels like writing an interface (provider module) between netlab and GNS3, the pull request would be most welcome 😎

Any thoughts? Please leave a comment!

Datacenter Spending Forecast Revised Upwards – Yet Again

This is turning into a “dog bites man” story, but the forecasts for spending in the datacenter for this year keep going up and up, and a few days ago Gartner’s economists and prognosticators finished up their tea and looked at the leaves at the common of a cup through a polished crystal ball and predicted that datacenter spending this year would go up.

Datacenter Spending Forecast Revised Upwards – Yet Again was written by Timothy Prickett Morgan at The Next Platform.

NB561: Kubernetes Retires Ingress NGINX; Are Data Centers Headed for Orbit?

Take a Network Break! We start with a trio of follow-ups, including a correction regarding Mplify certifications, Cisco proposing new OSI layers, and free-space optics. Our Red Alert sounds off about a remote code execution vulnerability in the Ivanti Endpoint Manager Mobile agent. On the news front, Broadcom announces new silicon for wireless APs for... Read more »

Fast Arista cEOS Container Configuration

After the enormous speedup I achieved with the FRR containers, I tried to do something similar with the Arista cEOS ones. After all, Arista’s pretty open about running its software on standard Linux, so it should be possible to map host-side configuration files into container-side scripts and execute them, right?

There was just one tiny gotcha: all netlab-generated EOS configuration files are device configuration snippets that are intended to be submitted via EOS CLI, and I didn’t feel like cracking open the netmiko documentation (that’s another backburner project).

However, Arista cEOS includes this magic command called FastCli ;)

Read more …
1 14 15 16 17 18 3,860