Reaction: AT&T’s Paper on dNOS

The AT&T White Paper: What they get Right, what they get Wrong

AT&T recently published a paper on dNOS, an open, disaggregated, Network Operating System for any kind of hardware. They list three primary purposes for their effort at helping the networking industry build an open source dNOS:

  • To improve the rate of innovation and introduction of new features
  • To provide more flexibility in network design
  • To reduce costs where possible by taking advantage of purchasing “at scale”

How could disaggregation help with these three goals? The first of these, the rate of innovation, is really about packaging and perception, but we often forget that perception is a large part of innovation. If software developers always believe they must wait on the hardware, and hardware developers always feel like they must wait on the software, then the two teams develop an interlocking system that can slow down the pace at which either team can operate. One certain way to drive innovation is to break up such interconnected systems, allowing each one to use the features of the other in ways not originally intended, or drive the other team to create new features through competition. For instance, if the software team Continue reading

Continuing David Vyorst’s Legacy: Recognizing the Next Generation of Open Internet Advocates

Last week we shared the sad news that David Vyorst, the Executive Director of the ISOC-DC chapter and an instrumental part of the North American Internet community, passed away.

The DC Chapter and the Internet Society are jointly establishing a fellowship award in David’s name. The fellowship will be awarded to a young person in a US-based chapter who has an innovative project or initiative for making a chapter more effective in advancing the values of a free and open Internet accessible by everyone.

You can visit the DC Chapter’s website to make a donation in David’s memory.

Photo credit: Glenn McKnight

The post Continuing David Vyorst’s Legacy: Recognizing the Next Generation of Open Internet Advocates appeared first on Internet Society.

Creating Chaos to Save the Datacenter

Downtime has been plaguing companies for decades, and the problems have only been exacerbated during the internet era and with the rise of ecommerce and the cloud.

Systems crash, money is lost because no one is buying anything, more money is spent on the engineers and the time they need to fix the problem and get things back online. In the meantime, enterprises have to deal with frustrated customers and risk losing many of them, who lose trust the in the company and opt to move their business elsewhere. For much of that time, the response to system failures has

Creating Chaos to Save the Datacenter was written by Nicole Hemsoth at The Next Platform.

How to create self-driving private clouds

A few years ago, the Society of Automotive Engineers (SAE) outlined the five stages of self-driving vehicles. In actuality, there are six levels, but the zero level is no automation, so we will ignore that. The idea behind the different phases is to make it possible for us to get there in a reasonable, phased approach.It’s unrealistic that the car manufacturers could go from where we are today to a fully autonomous car with no driver or even controls. Even if the automotive community could build an autonomous vehicle today, very few people would have enough trust to use a car with no controls. When it comes to a massive shift like this, crawl-walk-run is definitely the right approach — and that’s what the five stages are designed to do.To read this article in full, please click here

Why Some Phishing Emails Are Mysteriously Disappearing

Why Some Phishing Emails Are Mysteriously Disappearing

Why Some Phishing Emails Are Mysteriously Disappearing

Phishing is the absolute worst.

Unfortunately, sometimes phishing campaigns use Cloudflare for the very convenient, free DNS. To be clear –– there’s a difference between a compromised server being leveraged to send phishing emails and an intentionally malicious website dedicated to this type of activity. The latter clearly violates our terms of service.

In the past, our Trust and Safety team would kick these intentional phishers off the platform, but now we have a new trick up our sleeve and a way for their malicious emails to mysteriously disappear into the ether.

Background: How Email Works

SMTP - the protocol used for sending email - was finalized in 1982, when it was just a small community online. Many of them knew and trusted each other, and so the protocol was built entirely on trust. In an SMTP message, the MAIL FROM field can be arbitrarily defined. That means you could send an email from any email address, even one you don’t own.

This is great for phishers, and bad for everyone else.

The solution to prevent email spoofing was to create the Sender Policy Framework (SPF). SPF allows the domain owner to specify which servers are allowed to send Continue reading

How to squeeze the most out of Linux file compression

If you have any doubt about the many commands and options available on Linux systems for file compression, you might want to take a look at the output of the apropos compress command. Chances are you'll be surprised by the many commands that you can use for compressing and decompressing files, as well as for comparing compressed files, examining and searching through the content of compressed files, and even changing a compressed file from one format to another (i.e., .z format to .gz format).You're likely to see all of these entries just for the suite of bzip2 compression commands. Add in zip, gzip, and xz, and you've got a lot of interesting options.To read this article in full, please click here

Reflections on a Global and Cyber heavy week at GCCS and GFCE

Two weeks ago, a small Internet Society delegation was in Delhi to participate in a number of events that contained the word ‘Global’ and ‘Cyber’. In this post, I’ll share some of our perspectives on the first two events – the GCCS and the GFCE.

GCCS – The Global Conference on Cyberspace

The first meeting of the week was the Global Conference on Cyberspace. This was originally a government-initiated conference series and is also commonly known as the London Process.

Part of the strength of these meetings is that they create a trusted environment for governments to discuss global issues that are usually state-centric, such as international aspects of security and stability. Over time, these meetings have opened up to other stakeholders, with the 2015 meeting in The Hague being the most inclusive so far. However, inclusive participation is not a given. Inclusion is important because these types of meetings ultimately are where norms for inter-state behaviour emerge, not necessarily in writing but through the development of a common narrative. But such narratives are only strong and impactful if those who implement and are impacted by those norms have a seat at the table. Although inclusive, multi-stakeholder participation has historically Continue reading

Network Topology Visualization – Example of Using LLDP Neighborships, NETCONF and little Python/Javascript

Ok, this is a continuation of two streams of articles here, first my recent NETCONF tutorial here, and secondly my very old project (back then in Java) of visualization of network topologies using SNMP information called “HelloRoute”. So this is a resurrection of a very old ideas, just using newer methods and tools. But first a foreword on visualization.

Foreword – Visualization use in Network Infrastructure by Author’s experience

Well, as far as I would say, automated network visualization or documentation never really took of as primary source of documentation, everywhere I look we still maintain manually created maps with version control, trying to keep them up-to-date in change process and etc… , the reason why this is so is the context that human author can give the map, for example office networks mapped by purpose or parts of buildings, or by legal organizations. Have a look on the picture below, this is a difference between human and automated maps in most generic network modeling tools.

Now to not completely kill the point of you finishing this tutorial, I BELIEVE THE PROBLEM IS THAT VISUALIZATION TOOLS ON MARKET ARE MOSTLY GENERIC PRODUCTS, Continue reading

Moving Complexity to Application Layer?

One of my readers sent me this question:

One thing that I notice is you mentioned moving the complexity to the upper layer. I was wondering why browsers don't support multiple IP addresses for a single site – when a browser receives more than one IP address in a DNS response, it could try to perform TCP SYN to the first address, and if it fails it will move to the other address. This way we don't need an anycast solution for DR site.

Of course I pointed out an old blog post ;), and we all know that Happy Eyeballs work this way.

Read more ...

The FCC Wants to Kill Net Neutrality – Use Battle for the Net on Cloudflare Apps to Fight Back

The FCC Wants to Kill Net Neutrality - Use Battle for the Net on Cloudflare Apps to Fight Back

The FCC Wants to Kill Net Neutrality - Use Battle for the Net on Cloudflare Apps to Fight Back

TL;DR - Net neutrality is under attack. There's an app on Cloudflare Apps that empowers site owners to host a popup on their sites, encouraging users to contact their congresspeople to fight back. Everyone should be doing this right now, before the December 14th FCC vote.

Use Battle for the Net to Call your Congressperson »

Attend Cloudflare's Save the Internet! Net Neutrality Call-A-Thon »

The Federal Communications Commission (FCC) has scheduled a vote to kill its net neutrality rules this Thursday, December 14th. Unfortunately, the expectation is that the FCC will vote to repeal its net neutrality rules. Read about this on Business Insider, Bloomberg, or TechCrunch.

Net neutrality is the principle that networks should not discriminate against content that passes through them. The FCC’s net neutrality rules protect the Internet, users, and companies from abusive behavior by the largest Internet Service Providers (ISPs). Without net neutrality rules in place, ISPs may be able to legally create a "pay to play" system and charge websites to provide content to their customers more quickly. This will create a disadvantage for startups, bloggers, and everyone else who cannot afford to pay fees for their websites to offer faster service.

Continue reading

Install and run the Cloonix network emulator on Packet.net

This tutorial shows how to set up the Cloonix network emulator on a Packet.net server. It builds on top of my previous post about how to set up a virtualization server on Packet.net. Now, I focus on a specific case: setting up the Cloonix network emulator on the virtualization server. You should read my previous post before reading this one.

Running Cloonix on a remote server enables users to work with more complex network emulation scenarios than would be possible on a standard laptop computer. For example. Cloonix recently added a feature which allows users to run Cisco router images in a Cloonix network emulation scenario. Cisco router images require a large amount of computer resources so I cannot run more than a few on my personal laptop computer. If I use a remote Packet server, I could run dozens of Cisco images in a network emulation scenario if I wanted to.

In this post, I will set up a Cloonix network emulation server on Packet.net so it can be started, stopped, and restarted relatively quickly.

Table of Contents

  1. Cloonix v37 overview
  2. Packet.net overview
  3. Tutorial summary
  4. Start a server and attach storage
  5. Load Files onto Block Continue reading

Using Vagrant with Azure

In this post, I’ll describe how to use Vagrant with Azure. You can consider this article an extension of some of my earlier Vagrant articles; namely, the posts on using Vagrant with AWS and using Vagrant with OpenStack. The theme across all these posts is examining how one might use Vagrant to simplify/streamline the consumption of resources from a provider using the familiar Vagrant workflow.

If you aren’t already familiar with Vagrant, I’d highly recommend first taking a look at my introduction to Vagrant, which provides an overview of the tool and how it’s used.

Prerequisites

Naturally, you’ll need to first ensure that you have Vagrant installed. This is really well-documented already, so I won’t go over it here. Next, you’ll need to install the Azure provider for Vagrant, which you can handle using this command:

vagrant plugin install vagrant-azure

You’ll also (generally) want to have the Azure CLI installed. (You’ll need it for a one-time configuration task I’ll mention shortly.) I’ve published a couple posts on installing the Azure CLI; see here or here.

Once you’ve installed the vagrant-azure plugin and the Azure CLI, you’ll next need to install a box that Vagrant can use. Here, the Continue reading

McAllen, Texas: Cloudflare opens 119th Data Center just north of the Mexico border

McAllen, Texas: Cloudflare opens 119th Data Center just north of the Mexico border

McAllen, Texas: Cloudflare opens 119th Data Center just north of the Mexico border

Five key facts to know about McAllen, Texas

  • McAllen, Texas is on the southern tip of the Rio Grande Valley
  • The city is named after John McAllen, who provided land in 1904 to bring the St. Louis, Brownsville & Mexico Railway railway into the area
  • McAllen, Texas is named the City of Palms
  • The border between Mexico and the USA is less than nine miles away from the data center
  • McAllen, Texas is where Cloudflare has placed its 119th data center

Second datacenter in Texas; first on the border with Mexico

While McAllen is close to the Mexican border, its importance goes well beyond that simple fact. The city is halfway between Dallas, Texas (where Cloudflare has an existing datacenter) and Mexico City, the center and capital of Mexico. This means that any Cloudflare traffic delivered into Mexico is better served from McAllen. Removing 500 miles from the latency equation is a good thing. 500 miles equates to around 12 milliseconds of round-trip latency and when a connection operates (as all connections should), as a secure connection, then there can be many round trip communications before the first page starts showing up. Improving latency is key, even if we have Continue reading

1 1,788 1,789 1,790 1,791 1,792 3,836