Is there a Global Tier 1 Internet Service Provider in the World ? Who are the biggest networks in the World ? In the Peering article I explained what is peering , different types of peering such as private and public peering , settlement free peering , paid peering and so on. To […]
The post Is there a Global Tier 1 Provider in the World ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
In a recent blog post, my colleague Marek talked about some SSDP-based DDoS activity we'd been seeing recently. In that blog post he used a tool called mmhistogram to output an ASCII histogram.
That tool is part of a small suite of command-line tools that can be handy when messing with data. Since a reader asked for them to be open sourced... here they are.
Suppose you have the following CSV of the ages of major Star Wars characters at the time of Episode IV:
Anakin Skywalker (Darth Vader),42
Boba Fett,32
C-3PO,32
Chewbacca,200
Count Dooku,102
Darth Maul,54
Han Solo,29
Jabba the Hutt,600
Jango Fett,66
Jar Jar Binks,52
Lando Calrissian,31
Leia Organa (Princess Leia),19
Luke Skywalker,19
Mace Windu,72
Obi-Wan Kenobi,57
Palpatine,82
Qui-Gon Jinn,92
R2-D2,32
Shmi Skywalker,72
Wedge Antilles,21
Yoda,896
You can get an ASCII histogram of the ages as follows using the mmhistogram tool.
$ cut -d, -f2 epiv | mmhistogram -t "Age"
Age min:19.00 avg:123.90 med=54.00 max:896.00 dev:211.28 count:21
Age:
value |-------------------------------------------------- count
0 | 0
1 | 0
2 | 0
4 | 0
8 | 0
16 |************************************************** 8
32 | ************************* 4
64 | ************************************* 6
128 | ****** 1
256 Continue reading |
| Fig 1.1- |
Another question from someone watching my Designing Active-Active and Disaster Recovery Data Centers webinar (you know, the one where I tell people how to avoid the world-spanning-layer-2 madness):
In the video about parallel application stacks (swimlanes) you mentioned that one of the options for using the R/W database in Datacenter A if the user traffic landed in Datacenter B in which the replica of the database is read-only was to redirect the user browser with the purpose that the follow up HTTP POST land in Datacenter A.
Here’s the diagram he’s referring to:
Read more ...Some may find the title a bit strange, but, actually, it’s not 100% wrong. It just depends on what the acronym “DCI” stands for. And, actually, a new definition for DCI may come shortly, disrupting the way we used to interconnect multiple Data Centres together.
For many years, the DCI acronym has conventionally stood for Data Centre Interconnect.
Soon, the “Data Centre Interconnect” naming convention may essentially be used to describe solutions for interconnecting traditional-based DC network solutions, which have been used for many years. I am not denigrating any traditional DCI solutions per se, but the Data Centre networking is evolving very quickly from the traditional hierarchical network architecture to the emerging VXLAN-based fabric model gaining momentum in enterprise adopting it to optimize modern applications, computing resources, save costs and gain operational benefits. Consequently, these independent DCI technologies will continue to be deployed primarily for extending Layer 2 and Layer 3 networks between traditional DC networks. However, for the interconnection of modern VXLAN EVPN standalone (1) Fabrics, a new innovative solution called “VXLAN EVPN Multi-site” – which integrates in a single device the extension of the Layer 2 and Layer 3 services across multiple sites – has been created for a Continue reading
Everybody has secrets. Software developers have many. Often these secrets—API tokens, TLS private keys, database passwords, SSH keys, and other sensitive data—are needed to make a service run properly and interact securely with other services. Today we’re sharing a tool that we built at Cloudflare to securely distribute secrets to our Dockerized production applications: PAL.
PAL is available on Github: https://github.com/cloudflare/pal.
Although PAL is not currently under active development, we have found it a useful tool and we think the community will benefit from its source being available. We believe that it's better to open source this tool and allow others to use the code than leave it hidden from view and unmaintained.
CC BY 2.0 image by Personal Creations
How do you get these secrets to your services? If you’re the only developer, or one of a few on a project, you might put the secrets with your source code in your version control system. But if you just store the secrets in plain text with your code, everyone with access to your source repository can read them and use them for nefarious purposes (for example, stealing an API token and pretending to be Continue reading
Define 'stunt networking'
The post Dictionary: Stunt Networking appeared first on EtherealMind.
AT&T buys Brocade's Vyatta assets; Cisco puts more focus on 'Meraki-fying' its software business.
There’s a lot of talk about network programmability and I recently had a simple use case that surfaced. The goal was locating a serial number in Cisco Devices. Basically, a script is required that will do the following.
There are many ways this can be accomplished, but the method I am using utilizes SSH. This example requires the use of Paramiko to implement SSHv2. The script can match other items in the output of show version and can easily be modified to have multiple matches and return additional information.
It is worth noting that the script I’m sharing will automatically add public ssh keys and therefore may not be appropriate in a high security environment.
The Python and sample device files can be downloaded here.
import paramiko
import getpass
#get user/password/substring (for search)
myuser = raw_input("Enter Username For Process: ")
mypass = getpass.getpass()
mysearch = raw_input("Please enter string to search: ")
#get a list of devices from devices.txt - one per line
qbfile = open("devices. Continue reading
TL;DR: Each of Linux 2.6.39, 3.6 and 4.0 brings notable performance improvements for the IPv4 route lookup process.
In a previous article, I explained how Linux implements an IPv4 routing table with compressed tries to offer excellent lookup times. The following graph shows the performance progression of Linux through history:
Two scenarios are tested:
All kernels are compiled with GCC 4.9 (from Debian Jessie). This
version is able to compile older kernels1 as well as current
ones. The kernel configuration used is the default one with
CONFIG_SMP and CONFIG_IP_MULTIPLE_TABLES options enabled (however,
no IP rules are used). Some other unrelated options are enabled to be
able to boot them in a virtual machine and run the benchmark.
The measurements are done in a virtual machine with one
vCPU2. The host is an Intel Core i5-4670K and the CPU
governor was set to “performance”. The benchmark is
single-threaded. Implemented as a kernel module, it calls
fib_lookup() with various destinations in 100,000 timed iterations
and keeps the Continue reading
With automation, network and security operations teams support today's application-centric world
Here’s the list of materials (and other changes) I added to the Ansible for Networking Engineers webinar and online course in June 2017.
The first thing you’ll notice is the brand-new user interface with collapsible sections, making it easier to grasp the big picture (the change was badly needed – the webinar is already almost 12 hours long).
Read more ... |
| Sample Diagram showing Access-Lists |
Errors happen. But look at the discipline put into the spreading code. That worked as intended. Only the ransomware components have bugs?— Jake Williams (@MalwareJake) July 1, 2017
Right now, it’s an employee’s market in the Bay Area. Technology firms are growing, and they’re always trying to hire more people. So I regularly receive emails from recruiters. This is not to brag, it’s just the way things are right now, based upon the economy, my background, my current location, and my age. I’m lucky.
Some of these approaches are outstanding. Well-crafted, tailored to the person and the role. Some are pathetically bad, and I don’t know why they try.
A good approach goes like this:
Hi Lindsay!
I’m a recruiter at $CoolCompany. We’re looking for great people to work on our teams doing $InterestingThingOne and $InterestingThingsTwo! We’re hoping to do This, That and the Other Thing! Check out our projects on Github <here> and <here>.
We think this would be a good match because of your background working on $RecentProject in $PreviousIndustries.
We were thinking about someone to do these sorts of things: X, Y, Z. But mainly it’s about finding the right people, and we’re fine with re-working the role a bit to suit.
Let us know what you think
Regards, Good Recruiter
Hi
We have a job opening for a Continue reading
Right now, it’s an employee’s market in the Bay Area. Technology firms are growing, and they’re always trying to hire more people. So I regularly receive emails from recruiters. This is not to brag, it’s just the way things are right now, based upon the economy, my background, my current location, and my age. I’m lucky.
Some of these approaches are outstanding. Well-crafted, tailored to the person and the role. Some are pathetically bad, and I don’t know why they try.
A good approach goes like this:
Hi Lindsay!
I’m a recruiter at $CoolCompany. We’re looking for great people to work on our teams doing $InterestingThingOne and $InterestingThingsTwo! We’re hoping to do This, That and the Other Thing! Check out our projects on Github <here> and <here>.
We think this would be a good match because of your background working on $RecentProject in $PreviousIndustries.
We were thinking about someone to do these sorts of things: X, Y, Z. But mainly it’s about finding the right people, and we’re fine with re-working the role a bit to suit.
Let us know what you think
Regards, Good Recruiter
Hi
We have a job opening for a Continue reading