Linux Networking
Configuring network components on Linux.Sorry, Network Jobs Are Changing
There’s a lot of angst in the networking community about programming, SDN, automation, and what it means for networking careers. Plenty of people will tell you don’t worry about it, focus on the fundamentals, there’s plenty of work, you will be fine.
There is some truth in that. There are still lots of jobs in networking. People with solid skillsets should have no problem finding a good job.
But.
Don’t fool yourself. Things are changing.
I’ve seen some research from Gartner that indicates that organisations have been steadily decreasing their Network Operations teams over the last five years. They have also been reducing their Data Networks spend. (Sadly I don’t have publication rights for this research, so you’ll just have to take my word for it).
This is going to put pressure on networking engineers. Your role will be forced to change, if for no other reason than that you are going to have less budget, and fewer people to do the work.
So you’d better think about what that means for how your role might change.
Do you need to change jobs today? No. You don’t have to outrun the lion’ - but you do want to make Continue reading
Puppet Adds Characters and Depth to its Automation Show
Enterprises have seen automation success, but not enough to justify further investments.
Least Privilege Container Orchestration
The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator.
Orchestrators are responsible for critical clustering and scheduling tasks, such as:
- Managing container scheduling and resource allocation.
- Support service discovery and hitless application deploys.
- Distribute the necessary resources that applications need to run.
Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect of the security model of container orchestrators, and how Docker Enterprise Edition with its built-in orchestration capability, Swarm mode, overcomes these difficulties.
Motivation and threat model
One of the primary objectives of Docker EE with swarm mode is to provide an orchestrator with security built-in. To achieve this goal, we developed the first container orchestrator designed with the principle of least privilege in mind.
In computer science,the principle of least privilege in a distributed system requires that each participant of the system must only have access to the information and resources that are necessary for its legitimate purpose. No Continue reading
Datanauts 105: Cryptocurrencies And The Blockchain
The Datanauts get an introduction to cryptocurrencies and the blockchain. The post Datanauts 105: Cryptocurrencies And The Blockchain appeared first on Packet Pushers.
New Paper on Online Privacy in the Wake of Pervasive Surveillance Revelations
In 2015, I was lucky enough to give an invited keynote at the 20th anniversary of the Ethicomp conference. I found that many of the issues up for discussion were ones in which the Internet Society also has a keen interest: for example — responsible innovation, the ethics of autonomous systems, and what do in the wake of Edward Snowden’s revelations about pervasive state monitoring of the Internet. The conference has now produced a special edition of the Journal of Information, Communication and Ethics in Society (JICES), specifically to report on a global set of surveys on the responses to Snowden. I was invited to write a paper for this special edition, to accompany the more traditional academic analyses of the surveys. My full article, “After Snowden – the evolving landscape of privacy and technology” is now available.
Writing the paper gave me a chance to step back and look at how the privacy advocacy community’s work has changed since Snowden – one of those rare moments in which the frog gets to hop out of the rapidly warming water and contemplate the saucepan. Here are a few of the trends I noted.
First, there has been Continue reading
The Promise of P4 Runtime and How It’s Propelling the ONF
With P4 developers can program the forwarding plane.
ShiftLeft Software Analyzes Source Code ‘Security DNA’
The startup emerged from stealth mode and closed a $9.3 million Series A funding round.
Zodiac WX – Northbound Networks
A WiFi Base station using OpenFlow for $250. The Zodiac WX is the world’s first fully integrated OpenFlow® Wireless Access Point. It is a high powered ceiling / wall mountable Dual-Band AC1200 AP that includes 2 Gigabit Ethernet ports and support for PoE. We have integrated our Zodiac OpenFlow® engine directly into the wireless drivers so […]
“Responsible encryption” fallacies
Deputy Attorney General Rod Rosenstein gave a speech recently calling for "Responsible Encryption" (aka. "Crypto Backdoors"). It's full of dangerous ideas that need to be debunked.The importance of law enforcement
The first third of the speech talks about the importance of law enforcement, as if it's the only thing standing between us and chaos. It cites the 2016 Mirai attacks as an example of the chaos that will only get worse without stricter law enforcement.
But the Mira case demonstrated the opposite, how law enforcement is not needed. They made no arrests in the case. A year later, they still haven't a clue who did it.
Conversely, we technologists have fixed the major infrastructure issues. Specifically, those affected by the DNS outage have moved to multiple DNS providers, including a high-capacity DNS provider like Google and Amazon who can handle such large attacks easily.
In other words, we the people fixed the major Mirai problem, and law-enforcement didn't.
But the Mira case demonstrated the opposite, how law enforcement is not needed. They made no arrests in the case. A year later, they still haven't a clue who did it.
Conversely, we technologists have fixed the major infrastructure issues. Specifically, those affected by the DNS outage have moved to multiple DNS providers, including a high-capacity DNS provider like Google and Amazon who can handle such large attacks easily.
In other words, we the people fixed the major Mirai problem, and law-enforcement didn't.
Moreover, instead being a solution to cyber threats, law enforcement has become a threat itself. The DNC didn't have the FBI investigate the attacks from Russia likely because they didn't want the FBI reading all their files, finding wrongdoing by the Continue reading
Dell to Invest $1B in IoT Research
Dell's IoT Division will develop products and incorporate AI and machine learning.
Baidu Sheds Precision Without Paying Deep Learning Accuracy Cost
One of the reasons we have written so much about Chinese search and social web giant, Baidu, in the last few years is because they have openly described both the hardware and software steps to making deep learning efficient and high performance at scale.
In addition to providing several benchmarking efforts and GPU use cases, researchers at the company’s Silicon Valley AI Lab (SVAIL) have been at the forefront of eking power efficiency and performance out of new hardware by lowering precision. This is a trend that has kickstarted similar thinking in hardware usage in other areas, including supercomputing …
Baidu Sheds Precision Without Paying Deep Learning Accuracy Cost was written by Nicole Hemsoth at The Next Platform.
Dell EMC Q&A: SDN: The Foundation for Software-Defined Storage
Thanks to all who joined us for the Dell EMC Webinar: SDN: The Foundation for Software-Defined Storage. During the webinar Dell EMC discussed benefits of software defined networking for SDS solutions. After the webinar, we took questions from the audience. Read the full SDN: The Foundation for Software-Defined Storage Q&A below. Does big switch work with... Read more →
Cloud Foundry Morphs Kubo into Container Runtime
The organization's move adds to the growing push for simplifying container deployments.
Intel Takes First Steps To Universal Quantum Computing
Someone is going to commercialize a general purpose, universal quantum computer first, and Intel wants to be the first. So does Google. So does IBM. And D-Wave is pretty sure it already has done this, even if many academics and a slew of upstart competitors don’t agree. What we can all agree on is that there is a very long road ahead in the development of quantum computing, and it will be a costly endeavor that could nonetheless help solve some intractable problems.
This week, Intel showed off the handiwork its engineers and those of partner QuTech, a …
Intel Takes First Steps To Universal Quantum Computing was written by Timothy Prickett Morgan at The Next Platform.
iTerm2 Tip: Repeating Commands Using a Coprocess
iTerm2 is a great terminal for MacOS; far better than Apple’s built-in Terminal app, and it’s my #1 recommendation for Mac-based network engineers. One of the many reasons I like it is that it has a feature that solves a really annoying problem.
It’s tedious having to issue a command repeatedly so that you can see when and if the output changes. I’ve had to do this in the past, repeating commands like show ip arp so that I can spot when an entry times out and when it it refreshes. The repeated sequence of up arrow, Enter, up arrow, Enter, up arrow, Enter
drives me mad.
Some vendors offer assistance; A10 Networks for example has a repeat
command in the CLI specifically to help with show commands:
a10-vMaster[2/2]#repeat 5 show arp Total arp entries: 25 Age time: 300 secs IP Address MAC Address Type Age Interface Vlan --------------------------------------------------------------------------- 10.1.1.65 0000.5e00.01a1 Dynamic 17 Management 1 10.1.1.67 ac4b.c821.57d1 Dynamic 255 Management 1 10.1.1.97 001f.a0f8.d901 Dynamic 22 Management 1 Refreshing command every 5 seconds. (press ^C to quit) Elapsed Time: 00:00:00 Total arp entries: 25 Age time: Continue reading