0

The day my ping took countermeasures

Once my holidays had passed, I found myself reluctantly reemerging into the world of the living. I powered on a corporate laptop, scared to check on my email inbox. However, before turning on the browser, obviously, I had to run a ping. Debugging the network is a mandatory first step after a boot, right? As expected, the network was perfectly healthy but what caught me off guard was this message:

I was not expecting ping to take countermeasures that early on in a day. Gosh, I wasn't expecting any countermeasures that Monday!

Once I got over the initial confusion, I took a deep breath and collected my thoughts. You don't have to be Sherlock Holmes to figure out what has happened. I'm really fast - I started ping before the system NTP daemon synchronized the time. In my case, the computer clock was rolled backward, confusing ping.

While this doesn't happen too often, a computer clock can be freely adjusted either forward or backward. However, it's pretty rare for a regular network utility, like ping, to try to manage a situation like this. It's even less common to call it "taking countermeasures". I would totally expect ping to just print Continue reading

0

Catalyst SD-WAN – Introduction to Configuration Groups

One of the challenges with Catalyst SD-WAN is managing templates. Depending on how successful you are in standardizing your deployment, you risk ending up with many device templates. This can also be amplified if you have several platforms as each platform requires its own set of device templates. Feature templates, while reusable, offers no concept of grouping feature templates which means that there is a lot of work involved in building a new device template. To overcome some of these challenges, Cisco has introduced Configuration Groups starting with 20.8 and going forward where 20.11 currently has the most features implemented. This is also often referred to as UX 2.0 in some presentations. Let’s take a look at Configuration Groups by looking at the building blocks.

• Configuration Group – Logical grouping of features or configuration that is applied to devices. Similar to a device template but it can be applied to different models.
• Feature Profile – Building block of configurations that can be reused across different Configuration Groups. Example feature profiles are Transport Profile, System Profile, Service Profile.
• Feature – The Feature Profile consists of features. The individual capability to be shared across Configuration Groups such as service Continue reading

0

Configuring Linux Traffic Control in a Sane Way

Smart engineers were forever using Linux (in particular, its traffic control/queue discipline functionality) to simulate WAN link impairment. Unfortunately, there’s a tiny hurdle you have to jump across: the tc CLI is even worse than iptables.

A long while ago someone published a tc wrapper that simulates shitty network connections and (for whatever reason) decided to call it Comcast. It probably does the job, but I would prefer to have something in Python. Daniel Dib found just that – tcconfig – and used it to simulate WAN link behavior on VMware vSphere.

0

Configuring Linux Traffic Control in a Sane Way

Smart engineers were forever using Linux (in particular, its traffic control/queue discipline functionality) to simulate WAN link impairment. Unfortunately, there’s a tiny hurdle you have to jump across: the tc CLI is even worse than iptables.

A long while ago someone published a tc wrapper that simulates shitty network connections and (for whatever reason) decided to call it Comcast. It probably does the job, but I would prefer to have something in Python. Daniel Dib found just that – tcconfig – and used it to simulate WAN link behavior on VMware vSphere.

0

HS051: Things I Wish I’d Known Back When

Oft-asked question that doesn't have a right answer. We discuss non-convential answers that career coaches or self-help twaddle won't give you.

0

HS051 Things I Wish I’d Known Back When

Oft-asked question that doesn't have a right answer. We discuss non-convential answers that career coaches or self-help twaddle won't give you.

The post HS051 Things I Wish I’d Known Back When appeared first on Packet Pushers.

0

Multiple SD-WAN vendors can complicate move to SASE

Enterprises over the past several years have embraced SD-WAN for many reasons, including the flexibility of cloud architecture, enhanced security, centralized management of distributed locations, and improved application availability and performance. In turn, the popularity of SD-WAN has helped propel interest in secure access service edge (SASE), a network architecture that converges connectivity and security services.To read this article in full, please click here

0

Multiple SD-WAN vendors can complicate move to SASE

Enterprises over the past several years have embraced SD-WAN for many reasons, including the flexibility of cloud architecture, enhanced security, centralized management of distributed locations, and improved application availability and performance. In turn, the popularity of SD-WAN has helped propel interest in secure access service edge (SASE), a network architecture that converges connectivity and security services.To read this article in full, please click here

0

Connection errors in Asia Pacific region on July 9, 2023

On Sunday, July 9, 2023, early morning UTC time, we observed a high number of DNS resolution failures — up to 7% of all DNS queries across the Asia Pacific region — caused by invalid DNSSEC signatures from Verisign .com and .net Top Level Domain (TLD) nameservers. This resulted in connection errors for visitors of Internet properties on Cloudflare in the region.

The local instances of Verisign’s nameservers started to respond with expired DNSSEC signatures in the Asia Pacific region. In order to remediate the impact, we have rerouted upstream DNS queries towards Verisign to locations on the US west coast which are returning valid signatures.

We have already reached out to Verisign to get more information on the root cause. Until their issues have been resolved, we will keep our DNS traffic to .com and .net TLD nameservers rerouted, which might cause slightly increased latency for the first visitor to domains under .com and .net in the region.

Background

In order to proxy a domain’s traffic through Cloudflare’s network, there are two components involved with respect to the Domain Name System (DNS) from the perspective of a Cloudflare data center: external DNS resolution, and upstream or origin DNS resolution.

Continue reading

0

What to Consider When Choosing a SASE Vendor

SASE technology can be quite complex. There are a wide range of SASE vendors available. Find out what to consider when choosing the best SASE vendors.

0

Network Break 437: Ethernet Turns 50; TSMC Imports Workers For Arizona Fab; BT, HPE Partner On Managed LAN

On today's Network Break, Greg Ferro wishes Ethernet an unhappy birthday, HPE and BT want to manage your LAN, TSMC brings in Taiwanese workers to build new fabs in Arizona, Nokia touts new Fixed Wireless Access milestones, and more IT news.

0

Network Break 437: Ethernet Turns 50; TSMC Imports Workers For Arizona Fab; BT, HPE Partner On Managed LAN

On today's Network Break, Greg Ferro wishes Ethernet an unhappy birthday, HPE and BT want to manage your LAN, TSMC brings in Taiwanese workers to build new fabs in Arizona, Nokia touts new Fixed Wireless Access milestones, and more IT news.

The post Network Break 437: Ethernet Turns 50; TSMC Imports Workers For Arizona Fab; BT, HPE Partner On Managed LAN appeared first on Packet Pushers.

0

Patchless Cisco Flaw Breaks Cloud Encryption for ACI Traffic

Vulnerable Nexus 9000 Series Fabric Switches in ACI mode should be disabled, Cisco advises

0

Lining Up The “El Capitan” Supercomputer Against The AI Upstarts

The question is no longer whether or not the “El Capitan” supercomputer that has been in the process of being installed at Lawrence Livermore National Laboratory for the past week – with photographic evidence to prove it – will be the most powerful system in the world. …

The post Lining Up The “El Capitan” Supercomputer Against The AI Upstarts first appeared on The Next Platform.

Lining Up The “El Capitan” Supercomputer Against The AI Upstarts was written by Timothy Prickett Morgan at The Next Platform.

0

Cross Training for Career Completeness

Are you good at your job? Have you spent thousands of hours training to be the best at a particular discipline? Can you configure things with your eyes closed and are finally on top of the world? What happens next? Where do you go if things change?

It sounds like an age-old career question. You’ve mastered a role. You’ve learned all there is to learn. What more can you do? It’s not something specific to technology either. One of my favorite stories about this struggle comes from the iconic martial artist Bruce Lee. He spent his formative years becoming an expert at Wing Chun and no one would argue he wasn’t one of the best. As the story goes, in 1967 he engaged in a sparring match with a practitioner of a different art and, although he won, he was exhausted and thought things had gone on far too long. This is what encouraged him to develop Jeet Kun Do as a way to incorporate new styles together for more efficiency and eventually led to the development of mixed martial arts (MMA).

What does Bruce Lee have to do with tech? The value of cross training with different tech disciplines Continue reading

0

Creating a directory tree with a single command

The mkdir command can do more than create a single directory. It can create multiple directories at once and can even create an entire directory structure with a single command. The required command will be a tad complex, but not particularly challenging.NOTE: If you try to set up a multi-level directory structure with a command like the one shown below, it won't work if the initial directories ("this" and "that") don't already exist.$ mkdir this/that/the_othermkdir: cannot create directory ‘this/that/the_other’: No such file or directory Add a -p (for "parents") and the missing directories will be created and your this/that/the_other directory structure will be set up in your current directory as intended.To read this article in full, please click here

0

Creating a directory tree with a single command

The mkdir command can do more than create a single directory. It can create multiple directories at once and can even create an entire directory structure with a single command. The required command will be a tad complex, but not particularly challenging.NOTE: If you try to set up a multi-level directory structure with a command like the one shown below, it won't work if the initial directories ("this" and "that") don't already exist.$ mkdir this/that/the_othermkdir: cannot create directory ‘this/that/the_other’: No such file or directory Add a -p (for "parents") and the missing directories will be created and your this/that/the_other directory structure will be set up in your current directory as intended.To read this article in full, please click here

0

UK regulator refers cloud infrastructure market for investigation

Three months after the UK regulator announced its concerns around the market dominance of AWS and Microsoft, it's asking for an investigation to take place in order to improve the market for customers.

0

Eliminating Downtime with Internet Contingency Planning

By taking a proactive approach to contingency planning, enterprises can minimize downtime and reduce its impact on operations.

0

Tech Bytes: Deploying Sovereign Clouds With VMware And Tietoevry

Today on the Tech Bytes podcast, we explore the concept of sovereign clouds with sponsor VMware. Sovereign clouds provide the agility and scale of the cloud while ensuring data resides in a specific country or geography and meets area requirements for security and privacy. We speak with Tietoevry, one of the first VMware partners to offer major sovereign cloud solutions for its Nordic clients.