CCIE Renewed Again – Exam 400-101 v5.1

It came around again: CCIE renewal. Last time I renewed, I wasn’t sure if I should do it again. But I gave in, passed the CCIE R&S Written Exam, and moved one step closer to Emeritus. Turns out it wasn’t that bad, and I should not have put it off for so long.

Renewal Cycle

Cisco certifications below Expert level have a 3-year renewal cycle. You can renew your CCNA or CCNP certifications at any time by sitting an exam at the same level. Your 3-year cycle restarts from the day you pass that exam.

CCIE is a little different. A CCIE certification remains valid for two years from your lab date. You can sit any CCIE-level written exam to renew your CCIE certification. At that point your validity date gets extended for another two years - note that it is another two years based upon your lab date, not the date you passed your most recent re-cert exam.

If you don’t pass a written exam during the two-year period, your status goes to “Suspended.” You then have another 12 months to pass the exam, or you completely lose your CCIE status.

My renewal date was last Continue reading

Now Slack search can look for knowledgeable users and channels

How do you find someone in an organization who can answer a burning question? That’s what Slack is trying to answer with an update to its search feature that was released for larger teams on Wednesday.Users who search on topics, such as hiring procedures or sales contracts, will see a bubble pop up in the search results that highlights relevant users and channels for that topic. It’s designed to keep employees from wasting time navigating their companies.Improved search is important for Slack, which faces growing competition from rivals like Microsoft and Google. Microsoft Teams already has a bot that’s supposed to make it easier for users to find coworkers to answer questions.To read this article in full or to leave a comment, please click here

VXLAN: BGP EVPN with Cumulus Quagga

VXLAN is an overlay network to encapsulate Ethernet traffic over an existing (highly available and scalable, possibly the Internet) IP network while accomodating a very large number of tenants. It is defined in RFC 7348. For an uncut introduction on its use with Linux, have a look at my “VXLAN & Linux” post.

In the above example, we have hypervisors hosting a virtual machines from different tenants. Each virtual machine is given access to a tenant-specific virtual Ethernet segment. Users are expecting classic Ethernet segments: no MAC restrictions¹, total control over the IP addressing scheme they use and availability of multicast.

In a large VXLAN deployment, two aspects need attention:

1. discovery of other endpoints (VTEPs) sharing the same VXLAN segments, and
2. avoidance of BUM frames (broadcast, unknown unicast and multicast) as they have to be forwarded to all VTEPs.

A typical solution for the first point is using multicast. For the second point, this is source-address learning.

Introduction to BGP EVPN

BGP EVPN (RFC 7432 and draft-ietf-bess-evpn-overlay for its application with VXLAN Continue reading

VXLAN & Linux

VXLAN is an overlay network to carry Ethernet traffic over an existing (highly available and scalable) IP network while accommodating a very large number of tenants. It is defined in RFC 7348.

Starting from Linux 3.12, the VXLAN implementation is quite complete as both multicast and unicast are supported as well as IPv6 and IPv4. Let’s explore the various methods to configure it.

To illustrate our examples, we use the following setup:

• an underlay IP network (highly available and scalable, possibly the Internet),
• three Linux bridges acting as VXLAN tunnel endpoints (VTEP),
• four servers believing they share a common Ethernet segment.

A VXLAN tunnel extends the individual Ethernet segments accross the three bridges, providing a unique (virtual) Ethernet segment. From one host (e.g. H1), we can reach directly all the other hosts in the virtual segment:

$ ping -c10 -w1 -t1 ff02::1%eth0
PING ff02::1%eth0(ff02::1%eth0) 56 data bytes
64 bytes from fe80::5254:33ff:fe00:8%eth0: icmp_seq=1 ttl=64 time=0.016 ms
64 bytes from fe80::5254:33ff:fe00:b%eth0: icmp_seq=1 ttl=64 time=4.98 ms (DUP!)
64 bytes from fe80::5254:33ff:fe00:9%eth0: icmp_seq=1 ttl=64 time=4.99 ms (DUP!)
64 bytes from fe80::5254:33ff:fe00:a%eth0: icmp_seq=1 ttl=64 time=4.99 ms (DUP!)

--- ff02::1%eth0 ping statistics ---
1 packets transmitted, 1 received, +3 duplicates,  Continue reading

Full Stack Journey 005: Patrick Kelso

Full Stack Journey 005: Patrick Kelso

Episode #5 of the Full Stack Journey Podcast features Patrick Kelso, an independent consultant who works in the UNIX/virtualization/cloud space.

The post Full Stack Journey 005: Patrick Kelso appeared first on Packet Pushers.

Introducing the new Cloudflare Community Forum

Cloudflare’s community of users is vast. With more than 6 million domains registered, our users come in all shapes and sizes and are located all over the world. They can also frequently be found hanging out all around the web, from social media platforms, to Q&A sites, to any number of personal interest forums. Cloudflare users have questions to ask and an awful lot of expertise to share.

It’s with that in mind that we wanted to give Cloudflare users a more centralized location to gather, and to discuss all things Cloudflare. So we have launched a new Cloudflare Community at community.cloudflare.com.

Who is this community for?

It's for anyone and everyone who uses Cloudflare. Whether you are adding your first domain and don’t know what a name server is, or you are managing 1,000s of domains via API, or you are somewhere in between. In the Cloudflare Community you will be able to find tips, tricks, troubleshooting guidance, and recommendations.

We also think this will be a great way to get feedback from users on what’s working for them, what isn’t, and ways that we can make Cloudflare better. There will even be opportunities to Continue reading

Value Constrains Us. At Least, It Should.

A friend of mine asked me, “How do you manage the billions of chat messages, chat apps, social media, etc.? I’m becoming so inefficient it isn’t funny.”

TL;DR

The short answer is that I don’t manage them. I mostly ignore them. I don’t view most of these apps, especially social media, as something to be kept up with. I declared permanent amnesty (some would say bankruptcy) some time ago. I have a different viewpoint on these tools than I once did.

See also the post I wrote on Cal Newport’s book, Deep Work in May 2016.

I limit active participation.

I only take part in a few services, and I’m not consistently active on any of them. Despite however many followers I might have on a given platform, the world doesn’t care what I have to say on those services so much that my contributions especially matter. Therefore, stepping back isn’t harming anyone, nor is it disappointing someone that I’m not saying something or participating in every conversation that I might. No one notices.

Conversely, I don’t pay attention to everything everyone else is saying on all the platforms where things are being said. The Internet allows everyone to talk Continue reading

9 reasons why the death of the security appliance is inevitable

9 reasons why the death of the security appliance is inevitable

9 reasons why the death of the security appliance is inevitable

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Organizations are used to appliances being the workhorse of their protection needs. There are appliances for everything from firewalls, to Intrusion Detection Systems, Web Security Gateways, Email Security Gateways, Web Application Firewalls, and Advanced Threat Protection.But as crucial as security appliances are today, they are eventually going to die out as they get increasingly less effective, requiring detection to be pushed to the machines that need protection.    Here are the nine reasons why:To read this article in full or to leave a comment, please click here

9 reasons why the death of the security appliance is inevitable

9 reasons why the death of the security appliance is inevitable

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Organizations are used to appliances being the workhorse of their protection needs. There are appliances for everything from firewalls, to Intrusion Detection Systems, Web Security Gateways, Email Security Gateways, Web Application Firewalls, and Advanced Threat Protection.But as crucial as security appliances are today, they are eventually going to die out as they get increasingly less effective, requiring detection to be pushed to the machines that need protection.    Here are the nine reasons why:To read this article in full or to leave a comment, please click here

Face it: Enterprise cyberattacks are going to happen

There are now so many cyberattacks that many enterprises simply accept that hackers and bad actors will find ways to break into their systems.A strategy some large businesses have developed over the past two years has been to quickly identify and isolate these attacks, possibly by shutting down part of a system or network so the hackers won't get days or weeks to root around and grab sensitive corporate data.This enterprise focus on rapid detection and response to various attacks on networks and computers doesn't replace conventional security tools to prevent attacks. Instead, businesses are relying on both prevention software and detection software.To read this article in full or to leave a comment, please click here

Face it: Enterprise cyberattacks are going to happen

There are now so many cyberattacks that many enterprises simply accept that hackers and bad actors will find ways to break into their systems.A strategy some large businesses have developed over the past two years has been to quickly identify and isolate these attacks, possibly by shutting down part of a system or network so the hackers won't get days or weeks to root around and grab sensitive corporate data.This enterprise focus on rapid detection and response to various attacks on networks and computers doesn't replace conventional security tools to prevent attacks. Instead, businesses are relying on both prevention software and detection software.To read this article in full or to leave a comment, please click here

Windows 10 S: It’s for enterprise, too

Microsoft may have stuck to its script Tuesday when it unveiled a Windows 10 spin-off aimed at the K-12 educational market, but the new operating system will be enticing to businesses as well, analysts said today."They were very focused on Windows 10 S as an education play, but no question, this will also appeal to enterprises," said Carolina Milanesi of Creative Strategies.Microsoft yesterday announced Windows 10 S -- the "S" isn't a placeholder for something specific, the company maintained -- for school settings. The operating system is Windows 10, but comes with important restrictions, the most notable that users can only install and run apps from Microsoft's Windows Store. This summer, Microsoft will begin testing a version of its Office suite that will be available from the store in September.To read this article in full or to leave a comment, please click here

Worth Reading: A trillion edge graph on a single node

Efficiently and quickly chewing through one trillion edges of a complex graph is no longer in itself a standalone achievement, but doing so on a single node, albeit with some acceleration and ultra-fast storage, is definitely worth noting. There are many paths to processing trillions of edges efficiently and with high performance as demonstrated by companies like Facebook with its distributed trillion-edge scaling effort across 200 nodes in 2015 and Microsoft with a similar feat as well. —The Next Platform

The post Worth Reading: A trillion edge graph on a single node appeared first on rule 11 reader.

China will attempt to keep IT products spy-free with security checks

China will start carrying out security checks of IT suppliers in the country, with the intent of keeping out internet products vulnerable to spying and hacking.The new rules, which take effect in June, mean that foreign vendors will face more scrutiny -- including government-mandated background checks, and supply chain vetting -- when selling IT products to China’s major business sectors.On Tuesday, the country’s Cyberspace Administration of China released the new rules, which call for the review of any important internet products and services that relate to the country’s security.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 3 telltale signs it’s a real digital transformation

“Get a digital transformation for only $199.95, but only if you call to order in the next 15 minutes!”OK, so I haven’t seen an ad like this on late night TV—well, at least not yet. The unfortunate truth, however, is that the term “digital transformation” may be the greatest selling tool the enterprise technology industry has created in a generation.Everywhere you turn, someone is selling something using the term "digital transformation." The truth is, many of the things technology companies are selling are incredible new technologies that do, in fact, play a vital role in your digital transformation journey and are worthy of your consideration.To read this article in full or to leave a comment, please click here

FBI’s Comey dangerous definition of “valid” journalism