What’s the deal with SONiC? Is it easy to build and use, or hard? Is it something you should be looking at? Jeff Doyle joins Russ and Tom to look at the SONiC operating system, ecosystem, and deployment.
download
Welcome to Technology Short Take #193! I know it has only been a couple weeks since the last Tech Short Take, but I am guessing that readers won’t really mind another one. Here is my latest collection of articles and posts about data center-related technologies. Enjoy!
IS-IS was designed to carry node addresses (NSAPs) between level-1 routers (called Intermediate Systems) within an area and area prefixes between level-2 routers, resulting in a perfect separation of concerns and forwarding information summarization. When IETF tried to use the same routing protocol for a networking stack with a completely different addressing mentality, something had to give.
Following our MikroTik hAP ax³ initial setup guide, we are now ready to unlock the […]
The post Advanced MikroTik hAP ax³ Configuration first appeared on Brezular's Blog.
Note: The core architecture for this pattern was introduced by Isaac Hawley from Tigera.
If you are building an AI agent that relies on tool calling, complex routing, or the Model Context Protocol (MCP), you’re not just building a chatbot anymore. You are building an autonomous system with access to your internal APIs.
With that power comes a massive security and governance headache, and AI agent security testing is where most teams hit a wall. How do you definitively prove that your agent’s identity and access management (IAM) actually works?
The scale of the problem is hard to overstate. Microsoft’s telemetry shows that 80% of Fortune 500 companies now run active AI agents, yet only 47% have implemented specific AI security controls. Most teams are deploying agents faster than they can test them.
If an agent is hijacked via prompt injection, or simply hallucinates a destructive action, does your governance layer stop it? Testing this usually forces engineers into a frustrating trade-off:
Cloudflare data shows that 32% of traffic across our network originates from automated traffic. This includes search engine crawlers, uptime checkers, ad networks — and more recently, AI assistants looking to the web to add relevant data to their knowledge bases as they generate responses with retrieval-augmented generation (RAG). Unlike typical human behavior, AI agents, crawlers, and scrapers’ automated behavior may appear aggressive to the server responding to the requests.
For instance, AI bots frequently issue high-volume requests, often in parallel. Rather than focusing on popular pages, they may access rarely visited or loosely related content across a site, often in sequential, complete scans of the websites. For example, an AI assistant generating a response may fetch images, documentation, and knowledge articles across dozens of unrelated sources.
Although Cloudflare already makes it easy to control and limit automated access to your content, many sites may want to serve AI traffic. For instance, an application developer may want to guarantee that their developer documentation is up-to-date in foundational AI models, an e-commerce site may want to ensure that product descriptions are part of LLM search results, or publishers may want to get paid for their content through mechanisms such Continue reading
A year ago, I was complaining about SR Linux breaking its configuration data model with a new software release. At that time, I was promised it would only happen once a year, and, like clockwork, that moment arrived with the SR Linux release 26.03.
However, this year Miguel Redondo fixed the netlab SR Linux configuration templates (VRF export policies, LocPref routing policy changes) before I could even start looking at them, and Roman Dodin released a tool that tells you exactly what changed between software releases and how to fix it.
Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data. In 2020, we hired an independent firm to check our work, instead of just asking you to take our word for it. We shared our intention to update such examinations in the future. We also called on other providers to do the same, but, as far as we are aware, no other major public resolver has had their DNS privacy practices independently examined.
At the time of the 2020 review, the 1.1.1.1 resolver was less than two years old, and the purpose of the examination was to prove our systems made good on all the commitments we made about how our 1.1.1.1 resolver functioned, even commitments that did not impact personal data or user privacy.
Since then, Cloudflare’s technology Continue reading
The cost of building software has drastically decreased. We recently rebuilt Next.js in one week using AI coding agents. But for the past two months our agents have been working on an even more ambitious project: rebuilding the WordPress open source project from the ground up.
WordPress powers over 40% of the Internet. It is a massive success that has enabled anyone to be a publisher, and created a global community of WordPress developers. But the WordPress open source project will be 24 years old this year. Hosting a website has changed dramatically during that time. When WordPress was born, AWS EC2 didn’t exist. In the intervening years, that task has gone from renting virtual private servers, to uploading a JavaScript bundle to a globally distributed network at virtually no cost. It’s time to upgrade the most popular CMS on the Internet to take advantage of this change.
Our name for this new CMS is EmDash. We think of it as the spiritual successor to WordPress. It’s written entirely in TypeScript. It is serverless, but you can run it on your own hardware or any platform you choose. Plugins are securely sandboxed and can run in their own isolate, Continue reading
Avery Pennarun published yet another excellent article: every layer of review makes you 10x slower, effectively reiterating what I’ve been saying for decades: all the technology in the world won’t help you unless you re-architect the broken processes.
AI is no exception, but of course, the AI evangelists, LinkedIn AI Wranglers1, and Thought Leaders will never tell you that (or even admit it).
Yes, you can find BS like that on LinkedIn. You’re not surprised, are you? ↩︎