NSX-T 2.0 is here !

VMware NSX is a network virtualization and security platform for the enterprise that is helping our customers make the transition to the digital era.  As developers embrace new technologies like containers, and the percentage of workloads running in public clouds increases, network virtualization must expand to offer a full range of networking and security services, natively, in these environments.

Today, we are announcing the next version of NSX-T that can provide network virtualization for a multi-cloud and multi-hypervisor environment. The NSX technology that you are familiar with and use it for so many years is now be available for cloud and container environments. Circa VMworld 2016, we showed a prototype of NSX that can provide network virtualization and micro-segmentation for native AWS workloads. That journey is now complete and the initial availability of that service for some customers is already available for their AWS workloads.

NSX can now provide seamless network virtualization for workloads running on either VMs or Containers. VMs can be located either on-prem or on AWS. NSX will provide the entire feature set for either Vmware vSphere Hypervisors or KVM hypervisors. For native workloads on AWS, NSX will provide VMware NSX Secure Cloud to provide the Continue reading

Google leaked prefixes – and knocked Japan off the Internet

Last Friday, 25 August, a routing incident caused large-scale internet disruption. It hit Japanese users the hardest, slowing or blocking access to websites and online services for dozens of Japanese companies.

What happened is that Google accidentally leaked BGP prefixes it learned from peering relationships, essentially becoming a transit provider instead of simply exchanging traffic between two networks and their customers. This also exposed some internal traffic engineering that caused many of these prefixes to get de-aggregated and therefore raised their probability of getting accepted elsewhere.

The incident technically lasted less than ten minutes, but spread quickly around the Internet and caused some damage. Connectivity was restored, but persistently slow connection speeds affected industries like finance, transportation, and online gaming for several hours. Google apologized for the trouble, saying it was caused by an errant network setting that was corrected within eight minutes of its discovery.

This incident showed, again, how fragile the global routing system still is against configuration mistakes, to say nothing about malicious attacks.

What it also showed is a lack of defense – the incident propagated seemingly without any attempt from other networks to stop it.

The Internet Society works to address security in many ways, Continue reading

IGF-USA: Promoting a More Inclusive Internet

The IGF-USA took place in Washington D.C on July 24, 2017. During the event, the panel “Promoting a More Inclusive Internet” looked at current barriers to an inclusive Internet and explored how access could be expanded to underserved areas and to underrepresented communities. Moderated by Dr. Brandie Nonnecke, Research & Development Manager for CITRIS and the Banatao Institute at the University of California-Berkeley and Chair of the San Francisco-Bay Area Internet Society Chapter Working Group on Internet Governance, the panel brought together several experts on access provision, each with many years experience of connecting the unconnected in the USA and overseas.

Decentralized Approach

One of the main themes of the panel was that there is no ‘one size fits all’ approach to getting communities online. Rather than focus on technical deployment, the panelists argued that the focus needs to shift to what Internet access actually means to different communities and to solutions adapted to fit their specific needs. When proposing solutions, the first question that needs to be asked is, ‘What are the problems that Internet access will solve?’ Often, what works for one community won’t work for another. “No one should decide what other people’s Internet access Continue reading

AmazonBasics 6-Foot HDMI Cable 2-Pack Discounted To $7.96 – Deal Alert

The AmazonBasics High-Speed HDMI Cable quickly connects a wide range of HDMI devices. Use it to connect a small mobile, home-entertainment, or gaming device to a big-screen HDTV, large projector, or computer monitor, for example. Delivering clear, vibrant video, the AmazonBasics High-Speed HDMI Cable with Ethernet meets the latest standards, which means it considerably expands bandwidth up to 18 Gbps, offers 4K@50/60 (2160p) video resolution (four times more clarity than 1080p/60), and supports the wide-angle theatrical 21:9 video aspect ratio. The cables average 4.5 out of 5 stars from over 12,000 reviewers on Amazon (read reviews). Right now you can get a 2-pack of these 6-foot cables for just $7.96. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

AmazonBasics 6-Foot HDMI Cable 2-Pack Discounted To $7.96 – Deal Alert

The AmazonBasics High-Speed HDMI Cable quickly connects a wide range of HDMI devices. Use it to connect a small mobile, home-entertainment, or gaming device to a big-screen HDTV, large projector, or computer monitor, for example. Delivering clear, vibrant video, the AmazonBasics High-Speed HDMI Cable with Ethernet meets the latest standards, which means it considerably expands bandwidth up to 18 Gbps, offers 4K@50/60 (2160p) video resolution (four times more clarity than 1080p/60), and supports the wide-angle theatrical 21:9 video aspect ratio. The cables average 4.5 out of 5 stars from over 12,000 reviewers on Amazon (read reviews). Right now you can get a 2-pack of these 6-foot cables for just $7.96. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

New Coder: Stop What You’re Doing!

Let’s get coding! We’ve selected a language, we’ve done some online training, and we’re ready to get coding and automate the first thing we stumble across. How exciting! Aaaaannnnnd STOP.

On the Solarwinds Thwack Geek Speak blog I looked at the “80:20” rule and how to use it to guide where to get the biggest return on investment when spending time coding, then I gave some advice on how to select a task to automate. Please do take a trip to Thwack and check out my post, “New Coder: Stop What You’re Doing.

New Coder: Stop What You're Doing!

 

Please see my Disclosures page for more information about my role as a Solarwinds Ambassador.

If you liked this post, please do click through to the source at New Coder: Stop What You’re Doing! and give me a share/like. Thank you!

BGP Route Reflector in Plain English

BGP Route Reflector in Plain English, in this post, I will explain you the BGP Route Reflector basics, after you read this post, you will be able to answer many questions regarding BGP Route Reflectors.     Outline of this post is as below.   What is BGP Route Reflector ? Why BGP Route Reflector […]

The post BGP Route Reflector in Plain English appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

The Rise Of The Fourth Wave Of Computing

According to a recent Jefferies report, the fourth wave of computing has started and it is being driven by the adoption of IoT with parallel processing as the solution. Tectonic shifts in computing have been caused by major forces dating back to the 1960s.

With each shift, new solution providers have emerged as prominent suppliers. The latest power often cited with the fourth wave is Nvidia and its parallel processing platform for HPC and artificial intelligence (AI), namely GPUs and the CUDA programming platform. The growth of the data center segment of Nvidia’s business – from $339 million in

The Rise Of The Fourth Wave Of Computing was written by Timothy Prickett Morgan at The Next Platform.

VNIX-NOG 2017 held in Ho Chi Minh City

VNNIC, the National Internet Registry (NIR) of Vietnam, organized 2 major events in Ho Chi Minh City. VNNIC IP Member meeting on 24th August at VNNIC HCMC Office and second VNIX-NOG event on 25th August at Saigon Prince Hotel and was attended by our Deploy360 colleague Aftab Siddiqui. NetNam, a local ISP, provided Internet connectivity for the NOG event and did a great job by providing a dual stack IPv4 and IPv6 network.

The first event was for VNNIC IP members where reports were presented and NIR policies discussed, but the NOG event the following day was attended by around 70 people from various organizations including all the major telcos and ISPs in the country, the Internet Society, APNIC, Google and BBIX.

The opening speech was provided by Nguyen Hong Thang – Deputy Director of VNNIC, and a welcome note was added by Vu The Binh – General Secretary of Vietnam Internet Association (VIA) . Presentations from the event are available here, but the emphasis was on local participants to share their experience and local community engagement.

Nguyen Tran Hieu (VNIX) shared some network statistics of the Hanoi and Ho Chi Minh City nodes, which unfortunately showed that most members Continue reading

Liveblog: VMworld 2017 Day 1 Keynote

This is a liveblog of the day 1 keynote at VMworld 2017 in Las Vegas, NV. There was a bit of a kerfluffle regarding seating (the local facilities staff didn’t want to let me sit in the bloggers’ area because “you’re not a blogger”), but I managed to snag a seat anyway.

Prior to the keynote, a number of announcements were released; here’s a quick look at a few of them:

Pat Gelsinger takes the stage at about 9:05am, after a very cool AR/VR demo. Gelsinger welcomes the crowd, and takes a minute to reflect upon his time at CEO of VMware. Gelsinger also takes a moment to talk about the devastation caused by Hurricane Harvey, and urges attendees to help support the recovery of that effort.

Gelsinger talks how “science fiction” is becoming “science fact”: exoskeletons, teleportation, and genetically modified organisms via CRISPR. Continue reading

StackStorm Architecture Part I – StackStorm Core Services

A while ago, I wrote about basic concepts in StackStorm. Since then I’ve been knee-deep in the code, fixing bugs and creating new features, and I’ve learned a lot about how StackStorm is put together. In this series, I’d like to spend some time exploring the StackStorm architecture. What subcomponents make up StackStorm? How do they interact? How can we scale StackStorm? These are all questions that come up from time to time in the StackStorm community, and there are a lot of little details that I even forget from time-to-time.

StackStorm Architecture Part I – StackStorm Core Services

A while ago, I wrote about basic concepts in StackStorm. Since then I’ve been knee-deep in the code, fixing bugs and creating new features, and I’ve learned a lot about how StackStorm is put together. In this series, I’d like to spend some time exploring the StackStorm architecture. What subcomponents make up StackStorm? How do they interact? How can we scale StackStorm? These are all questions that come up from time to time in the StackStorm community, and there are a lot of little details that I even forget from time-to-time.

StackStorm Architecture Part I – StackStorm Core Services

A while ago, I wrote about basic concepts in StackStorm. Since then I’ve been knee-deep in the code, fixing bugs and creating new features, and I’ve learned a lot about how StackStorm is put together. In this series, I’d like to spend some time exploring the StackStorm architecture. What subcomponents make up StackStorm? How do they interact? How can we scale StackStorm? These are all questions that come up from time to time in the StackStorm community, and there are a lot of little details that I even forget from time-to-time.

StackStorm Architecture Part I – StackStorm Core Services

A while ago, I wrote about basic concepts in StackStorm. Since then I’ve been knee-deep in the code, fixing bugs and creating new features, and I’ve learned a lot about how StackStorm is put together.

In this series, I’d like to spend some time exploring the StackStorm architecture. What subcomponents make up StackStorm? How do they interact? How can we scale StackStorm? These are all questions that come up from time to time in the StackStorm community, and there are a lot of little details that I even forget from time-to-time. I’ll be doing this in a series of posts, so we can explore a particular topic in detail without getting overwhelmed.

Also, it’s worth noting that this isn’t intended to be an exhaustive reference for StackStorm’s architecture. The best place for that is still the StackStorm documentation. My goal in this series is merely to give a little bit of additional insight into StackStorm’s inner workings, and hopefully get those curiosity juices flowing. There will be some code references, some systems-level insight, probably both.

Also note that this is a living document. This is an open source project under active development, and while I will try to keep specific Continue reading

StackStorm Architecture Part I – StackStorm Core Services

A while ago, I wrote about basic concepts in StackStorm. Since then I’ve been knee-deep in the code, fixing bugs and creating new features, and I’ve learned a lot about how StackStorm is put together.

In this series, I’d like to spend some time exploring the StackStorm architecture. What subcomponents make up StackStorm? How do they interact? How can we scale StackStorm? These are all questions that come up from time to time in the StackStorm community, and there are a lot of little details that I even forget from time-to-time. I’ll be doing this in a series of posts, so we can explore a particular topic in detail without getting overwhelmed.

Also, it’s worth noting that this isn’t intended to be an exhaustive reference for StackStorm’s architecture. The best place for that is still the StackStorm documentation. My goal in this series is merely to give a little bit of additional insight into StackStorm’s inner workings, and hopefully get those curiosity juices flowing. There will be some code references, some systems-level insight, probably both.

Also note that this is a living document. This is an open source project under active development, and while I will try to keep specific Continue reading

Cumulus Linux 3.4 REST API

The latest Cumulus Linux 3.4 release include a REST API. This article will demonstrate how the REST API can be used to automatically deploy traffic controls based on real-time sFlow telemetry. DDoS mitigation with Cumulus Linux describes how sFlow-RT can detect Distributed Denial of Service (DDoS) attacks in real-time and deploy automated controls.

The following ddos.js script is modified to use the REST API to send Network Command Line Utility - NCLU commands to add and remove ACLs, see Installing and Managing ACL Rules with NCLU:
var user = "cumulus";
var password = "CumulusLinux!";
var thresh = 10000;
var block_minutes = 1;

setFlow('udp_target',{keys:'ipdestination,udpsourceport',value:'frames'});

setThreshold('attack',{metric:'udp_target', value:thresh, byFlow:true, timeout:10});

function restCmds(agent,cmds) {
  for(var i = 0; i < cmds.length; i++) {
    let msg = {cmd:cmds[i]};
    http("https://"+agent+":8080/nclu/v1/rpc",
         "post","application/json",JSON.stringify(msg),user,password);
  }
}

var controls = {};
var id = 0;
setEventHandler(function(evt) {
  var key = evt.agent + ',' + evt.flowKey;
  if(controls[key]) return;

  var ifname = metric(evt.agent,evt.dataSource+".ifname")[0].metricValue;
  if(!ifname) return;

  var now = (new Date()).getTime();
  var name = 'ddos'+id++;
  var [ip,port] = evt.flowKey.split(',');
  var cmds = [
    'add acl ipv4 '+name+' drop udp source-ip any source-port '+port+' dest-ip '+ip+' dest-port any',
     Continue reading
1 1,925 1,926 1,927 1,928 1,929 3,840