Solving the Problem in the Right Place

Sometimes I have this weird feeling that I’m the only loony in town desperately preaching against the stupidities heaped upon infrastructure, so it’s really nice when I find a fellow lost soul. This is what another senior networking engineer sent me:

I'm belonging to a small group of people who are thinking that the source of the problem are the apps and the associated business/security rules: their nature, their complexity, their lifecycle...

Sounds familiar (I probably wrote a few blog posts on this topic in the past), and it only got better.

Read more ...

Deploy360 @ ENOG 14

Our colleague Jan Žorž from the Deploy360 team will be presenting at the 14th Eurasia Network Operators Groups (ENOG 14) on 9-10 October 2017 in Minsk, Belarus. This is being preceded by workshops on Best Practices in IPv6 BGP and DNSSEC Operations.

Jan will be talking about his real life experiences with NAT64/DNS64 and will be demonstrating the NAT64check tool on Monday evening (17.00-18.15). Following after his talk is a BoF on the Internet-of-Things (18.30-19.30), which is also sure to include discussions about the importance of IPv6 to scale the expected many billions of devices in future.

We’d also like to highlight the Cloudflare update on IPv6, DNS, DNSSEC, CA certs from Martin Levy (Cloudflare) on the Tuesday (10.00-11.30), who seems to be managing to cover just about all the Deploy360 topics in one talk. And for routing security, Kirill Malevanov, (Selectel) will be discussing his experiences of IPv4 prefix hijacking.

More Information

The post Deploy360 @ ENOG 14 appeared first on Internet Society.

Support New Ways of Working To Connect The World

The World Telecommunications Conference (WTDC) begins today. This is a key moment to remind the world that together we can shape a digital future that puts humanity at the heart of the Internet.  But to do this we need your help.

Help send the message that to close the digital divide we’ll need new ways of working, new ways of thinking, and new policies support it all.

Much of what we are speaking on at WTDC serve as real-world examples of the kinds of things we need policy and decision makers to support – community networking being a key focus.

We will keep you up-to-date on what is happening and what we need to do next the conference.

Here’s how you can help:

Take part in a Pre-Event Roundtable

On Sunday, October 8, 17:20 UTC (4:20 PM Argentina Local Time) Internet Society’s Vice President, Global Engagement Raúl Echeberría will speak on the importance of community networks at a Pre-Event-Private Sector Roundtable on Partnering for the SDGs. Watch it here.

 Share Raul’s Blog

Raul’s wrote a critical blog to launch our WTDC message.  Please share it across your channels.

“Every Connection Matters – Shape Tomorrow and Help Close Digital Continue reading

BGP ADD-PATH – Summary

Hi,

First things first, I have been getting a lot of requests to upload the lab’s which i illustrate as is, so i shall be uploading them to a Github page with initial and final-configs and Instead of vagrant i shall be using EVE-NG as a tool so that you guys can import them easily.

https://github.com/r2079/JDC

Going through Fabric-Path and CLOS concepts, got myself started with 3 Stage Clos and as a part of understanding it, discovered something.

Why –  To make sure Servers at one end have equal cost path to the servers-at other end, at scale the spine accordingly optimizing the CAPEX.

Simple words, in the below topology, we need to make sure that R6 has equal cost to R7 and vice-versa.

 

Protocols and setup

-> OSPF for the entire domain and Ibgp to peer between RR (R2) and all other loopbacks, we use OSPF so that Ibgp peering will be over Loopback and also for load-balancing protocol Next-hops

-> Default routes on R6 and R7, load-balance (per-packet) on all-routers (where technically required)

-> R3 AND R4,R5 has static back to loopbacks of R6 and R7 respectively, advertising them into OSPF will defeat the purpose obviously Continue reading

Introduction to DHCP (Dynamic host configuration protocol)

 Today I am going to talk about the most interesting topic named as DHCP. I knew lot of you guys already knew about the DHCP and how it works in the real network environment but some of you are the beginners in the field of networking and this is why it is one of the most important topic for them.

Why we use the DHCP server and what is the purpose of the DHCP ?

Well Routers, servers, other key nodes require specific or static IP address and Clients can use an IP from a pool of available addresses. Minimum host configuration for Internet:
  • IP address
  • Subnet mask
  • Default gateway
  • DNS server IP

DHCP allows network administrator to assign a pool of available IP addresses for clients with additional configuration information such as default gateway, DNS IP, WINS IP, domain names
Addresses are leased, Cisco default is 24 hours

Fig 1.1- DHCP Server


DHCP process
·      Client boots up, sends a DHCPDISCOVER broadcast
·      All available DHCP servers respond with DHCPOFFER containing proposed IP address, lease time, DNS IP; server checks that IP offered is not in use before making the offer by issuing a default 2 pings
Continue reading

“Keep those eyebrows up!” – Cybersecurity at the Global Women’s Forum

News of cyberattacks is slowly becoming a new normal. We are still at a stage where high-profile cases, like the recent attack against the American credit reporting company Equifax, in which 145.5 million users had their personal information compromised, raise eyebrows. But we need those eyebrows to stay up because we should never accept cyber threats as the new normal.

This week in Paris, hundreds of leaders met at the Women’s Forum to discuss some of the key issues that will shape the future of a world in transition, including cybersecurity. But this topic is not just a concern for the experts – it’s a concern to all men and women leading any business today.

New risks on the horizon

A recent report by the Internet Society, “Paths to Our Digital Future”, points out that now is a big moment for the Internet. The revolution we already see could accelerate in the coming years, not only due to the increasing digitalization of services and businesses, but also through the expansion of objects being connected to the Internet – the Internet of Things (IoT). By 2020 more than 20 billion “things” could be connected.

Suddenly it’s not only Continue reading

IDG Contributor Network: Data or metadata? For the IoT they’re both important

Think about the most successful, widely scaled networks that let us function in today's world. No I’m not talking about internet service providers, I mean the Really, Really Big Networks. The ones that without which modern civilization would be very different. The telephone system. Intermodal containerized shipping. Air traffic control. And they all have one vitally important enabling element that made them all scalable: a Control Layer that is not intrinsic to the electronic or physical streams that make up the network traffic. For phones, it’s Signalling System 7, which has managed to run the world of voice calls for decades. For intermodal shipping, it’s container manifests. For aviation, it’s ATC. And they truly do, run the globe.To read this article in full or to leave a comment, please click here

Traceroute Lies! A Typical Misinterpretation Of Output

Sometimes a user with performance issues will proudly present me with a traceroute and point to a particular hop in the network and accuse it of being the problem because of high latency on the link. About 1 time in 1000 they are correct and the link is totally saturated. The other 999 times, well, let me explain.

Traceroute

Traceroute Output

Here’s a typical traceroute I might be sent by a user (IPs and hostnames are altered to protect the innocent):

$ traceroute www-europe
traceroute to www-europe (18.9.4.17), 64 hops max, 52 byte packets
 1  gateway (57.239.196.133)          11.447 ms   18.371ms    25.057 ms
 2  us-atl-edge (137.16.151.202)      13.338 ms   20.070 ms   19.119 ms
 3  us-ga-core (57.239.129.37)       103.789 ms  105.998 ms  103.696 ms
 4  us-nyc-core (57.239.128.189)     107.601 ms  103.116 ms  103.934 ms
 5  us-east-core (57.239.13.42)     103.099 ms  104.215 ms  109.042 ms
 6  us-east-bb1 (57.239.111.58)      107.824 ms  104.463 ms  103.482 ms
 7  uk-south-bb1 (57.240.117.81)     106.439 ms  111.156 ms  104.761 ms
  Continue reading

Fumbling Through Networking

Ansible Fumbling Through Networking Blog

This blog post is written by a systems person who has always dodged networking ... until now. I gave Ansible networking modules a try with a vyos Vagrant image. This blog describes how I fumbled through the process of writing my first Ansible playbook to successfully gather facts from a running vyos virtual machine.

First things first, I need a network thingy to run commands on. I don’t have a physical networking thingy so let’s go searching for a virtual one. After some googling for a Cisco IOS virtual machine I found and started to download an ISO. While that was going on I pinged my co-worker Ben on Slack. Ben’s a networking guy within Ansible. I asked him what virtual device he uses. He pointed me at a vyos Vagrant image. So I canceled the Cisco IOS ISO download and ran the needed vagrant commands.

vagrant init higebu/vyos
vagrant up

Ok, that did something but what did it do? Let me try the old vagrant ssh. Nope, that didn’t work. Oh, I got another message from Ben on slack. He mentions I’m going to need a plugin to make this work smoothly with Vagrant and to run:

vagrant plugin install  Continue reading

Stuff The Internet Says On Scalability For October 6th, 2017

Hey, it's HighScalability time: 

 

LiDAR sees an enchanted world. (Luminar)

 

If you like this sort of Stuff then please support me on Patreon.

 

  • 14TB: Western Digital Hard Drive; 3B: Yahoo's perfidy; ~80%: companies traded on U.S. stock market 1950-2009 were gone by 2009; 21%: conversion increase with AI-enabled site personalisation; $1 billion: US Air Force jets off the cloud; 1 billion: iOS devices in use; 1000x: new DeepMind WaveNet model produces 20 seconds of higher quality audio in 1 second; 96: vCPUs on new GCE machine type, with 624GB of memory; 

  • Quotable Quotes:
    • fusiongyro: The amount of incipient complexity in programming has been growing, not going down. What's more complex, "hello, world" to the console in Python, or "hello world" in a browser with the best and newest web stack? Mobility and microservices create lots of new edge cases and complexity—do non-programmers seem particularly well-equipped to handle edge cases to you? The problem has never really been the syntax—if it were, non-programmers would have made great strides with Applescript and SQL, and we'd all be building PowerBuilder libraries for a living. The problem is Continue reading

Back In The Saddle Of A Horse Of A Different Color

I’ve been asked a few times in the past year if I missed being behind a CLI screen or I ever got a hankering to configure some networking gear. The answer is a guarded “yes”, but not for the reason that you think.

Type Casting

CCIEs are keyboard jockeys. Well, the R&S folks are for sure. Every exam has quirks, but the R&S folks have quirky QWERTY keyboard madness. We spend a lot of time not just learning commands but learning how to input them quickly without typos. So we spend a lot of time with keys and a lot less time with the mouse poking around in a GUI.

However, the trend in networking has been to move away from these kinds of input methods. Take the new Aruba 8400, for instance. The ArubaOS-CX platform that runs it seems to have been built to require the least amount of keyboard input possible. The whole system runs with an API backend and presents a GUI that is a series of API calls. There is a CLI, but anything that you can do there can easily be replicated elsewhere by some other function.

Why would a company do this? To Continue reading

1 1,892 1,893 1,894 1,895 1,896 3,859