0

Technology Short Take 173

Welcome to Technology Short Take #173! After a lull in links to share last time around, it looks like things have rebounded and folks are in full swing writing new content for me to share with you. I think I have a decent round-up of links for you; hopefully you can find something useful here. Enjoy!

Networking

• This article on running WireGuard in Docker may prove useful if that’s an approach I decide to adopt for my AWS lab infrastructure.
• Natalie Marek educates readers on VPC endpoints.
• Russ White laments some of the issues facing network engineering.

Servers/Hardware

• Alex Ellis provides some details on his workflow for booting Raspberry Pi 5 from NVMe.
• Tom Hummel finds himself veering back into a hardware-based home lab (instead of a cloud-based lab).

Security

• Rory McCune shares some information about a change in kubeadm version 1.29 pertaining to administrative credentials.
• Quintessence Anx of SPIRL shares some guidance on how to construct SPIFFE IDs.
• A set of vulnerabilities in the open source reference implementation of the UEFI specification has been uncovered. The flaws, referred to as PixieFail, specifically affect the PXE network boot process. BleepingComputer has more details.

Cloud Computing/Cloud Management

• Dean has published Continue reading

0

BGP Labs: Work with FRR and Cumulus Linux

FRR or (pre-NVUE) Cumulus Linux are the best bets if you want to run BGP labs in a resource-constrained environment like your laptop or a small public cloud instance. However, they both behave a bit differently from what one might expect from a networking device, including:

• Interfaces are created through standard Linux tools;
• You have to start the FRR management CLI from the Linux shell;
• If you need a routing daemon (for example, the BGP daemon), you must enable it in the FRR configuration file and restart FRR.

A new lab exercise covers these intricate details and will help you get fluent in configuring BGP on FRR or Cumulus Linux virtual machines or containers.

0

BGP Labs: Work with FRR and Cumulus Linux

FRR or (pre-NVUE) Cumulus Linux are the best bets if you want to run BGP labs in a resource-constrained environment like your laptop or a small public cloud instance. However, they both behave a bit differently from what one might expect from a networking device, including:

• Interfaces are created through standard Linux tools;
• You have to start the FRR management CLI from the Linux shell;
• If you need a routing daemon (for example, the BGP daemon), you must enable it in the FRR configuration file and restart FRR.

A new lab exercise covers these intricate details and will help you get fluent in configuring BGP on FRR or Cumulus Linux virtual machines or containers.

0

Taming Network Complexity with Digital Twins

Digital twins can help manage and troubleshoot complex networks by providing an accurate replica of the network's configuration and state.

0

KU046: Do Kubernetes Certs Prepare You For Real-World Production?

Technical trainer Benjamin Muschko joins hosts Kristina Devochko and Michael Levan to discuss the gap between Kubernetes certifications and real-world production skills. All three critique the focus on command-line proficiency in certifications, advocating for a practical approach that tests real-life scenarios. Muschko proposes a “capture the flag” style exam with hands-on projects, while the hosts... Read more »

0

IT Spending In 2024 Cools Thanks To “Change Fatigue”

Change may be inevitable, but it is also a pain in the neck. …

IT Spending In 2024 Cools Thanks To “Change Fatigue” was written by Timothy Prickett Morgan at The Next Platform.

0

When the Cloud is the Problem, Not the Answer

Taking cloud costs into consideration, more businesses today are adopting a hybrid or multi-cloud strategy to leverage the benefits of different deployment models for different parts of their applications.

0

D2C229: Standing Out From The Crowd With Tim Banks

We talk with Tim Banks about a wide range of topics including career development, how to stand out as an interview candidate, building a resume, finding your blind spots, diversity in tech (or lack thereof), and more. Let’s get into all the things with Tim! Episode Guest: Tim Banks | Lead Developer Advocate at Dell... Read more »

0

Tangoe State of IT Spending: A Look Back and Ahead

Tangoe’s annual IT Trends and Savings Recommendation report recaps IT spending in 2023 and provides savings tips for 2024.

0

Chip Packaging Trumps EDA: Why Synopsys Is Paying $35 Billion For Ansys

Here is how you know that the way chiplets are linked together to create what might have otherwise been a monolithic device is now more important than the way that the chiplets themselves are designed. …

Chip Packaging Trumps EDA: Why Synopsys Is Paying $35 Billion For Ansys was written by Timothy Prickett Morgan at The Next Platform.

0

Locking Down The Edge

COMMISSIONED: Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites and devices. …

Locking Down The Edge was written by Timothy Prickett Morgan at The Next Platform.

0

Making Networking Cool Again? (2)

Network engineering is not “going away.” Network engineering is not less important than it was yesterday, last year, or even a decade ago.

But there still seems to be a gap somewhere. There are fewer folks interested than we need. We need more folks who want to work as full-time network engineers, and more folks with network engineering skills diffused within the larger IT community. More of both is the right answer if we’re going to continue building large-scale systems that work. The real lack of enthusiasm for learning network engineering is hurting all of IT, not just network engineering.

How do we bridge this gap? We’re engineers. We solve problems. This seems to be a problem we might be able to solve (unlike human nature). Let’s try to solve it.

As you might have guessed, I have some ideas. These are not the only ideas in the world—feel free to think up more!

If you walk into a robotics class, even an introductory robotics class, you see people … building robots. If you walk into a coding class, even an introductory one, you see people … writing software. If you walk into a network network engineering class you Continue reading

0

Fulton County Schools: Five Lessons From a Massive Digital Transformation

Fulton County Schools CIO Dr. Emily Bell shares advice and lessons learned from the school’s major digital transformation that are applicable to organizations of all types.

0

BGP Graceful Restart Considered Harmful

A networking engineer with a picture-perfect implementation of a dual-homed enterprise site using BGP communities according to RFC 1998 to select primary- and backup uplinks contacted me because they experienced unacceptably long failover times.

They measured the failover times caused by the primary uplink loss and figured out it takes more than five minutes to reestablish Internet connectivity to their site.

0

BGP Graceful Restart Considered Harmful

A networking engineer with a picture-perfect implementation of a dual-homed enterprise site using BGP communities according to RFC 1998 to select primary- and backup uplinks contacted me because they experienced unacceptably long failover times.

They measured the failover times caused by the primary uplink loss and figured out it takes more than five minutes to reestablish Internet connectivity to their site.

0

IP Addresses through 2023

Time for another annual roundup from the world of IP addresses. Let’s see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself.

0

IP Addresses through 2023

Time for another annual roundup from the world of IP addresses. Let’s see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself.

0

NB462: HPE Spends $14 Billion For Juniper Networks; Starlink Tests SMS Via Satellite

Take a Network Break! On today’s show we spend most of the episode talking about HPE’s $14 billion bid for Juniper Networks. We discuss reasons for the deal, product overlap, potential upsides, challenges to integrating these two companies and their product lines, and more. We also talk about a successful test by Starlink to send... Read more »

0

Leveraging Network Support with Non-IT Personnel

As networks move to the edge, IT can’t always move with them. How do you maintain them? Here are tips to enlist paraprofessionals to help.

0

Raspberry Pi 5 network emulation with Containerlab

The GitHub sflow-rt/containerlab project contains example network topologies for the Containerlab network emulation tool that demonstrate real-time streaming telemetry in realistic data center topologies and network configurations. The examples use the same FRRouting (FRR) engine that is part of SONiC, NVIDIA Cumulus Linux, and DENT network operating systems. Containerlab can be used to experiment before deploying solutions into production. Examples include: tracing ECMP flows in leaf and spine topologies, EVPN visibility, and automated DDoS mitigation using BGP Flowspec and RTBH controls. Raspberry Pi 5 real-time network analytics describes how to install Docker on a Raspberry Pi 5.

docker run hello-world

Run the hello-world container to verify that Docker in properly installed and running before proceeding.

git clone https://github.com/sflow-rt/containerlab.git

Download the sflow-rt/containerlab project from GitHub.

cd containerlab
./run-clab

Start Containerlab.

containerlab deploy -t clos5.yml

Start the 5 stage leaf and spine topology shown at the top of this page. The initial launch may take a couple of minutes as the container images are downloaded for the first time. Once the images are downloaded, the topology deploys in around 10 seconds.

./topo.py clab-clos5

Push the topology to the sFlow-RT analytics software. An instance of the sFlow-RT Continue reading