AskJJX: “What’s the best way to find and disable rogue APs on the network? We had an audit finding and got our hand slapped.” Ahhh, I love this question for so many reasons. First, because my answer to this today, in 2023, is very different than my answer would have been years ago. You may […]
The post AskJJX: How To Handle Rogue APs Without Getting Arrested appeared first on Packet Pushers.
This blog is co-authored by Zack Kayyali and Hicham (he-sham) Mourad
The steps below detail how to install Red Hat Ansible Automation Platform on Google Cloud from the marketplace. Before starting the deployment process, please ensure the Google Cloud account you are using to deploy has the following permissions. These IAM roles are required to deploy the Google Cloud foundation stack offering. The foundation stack offering here refers to the base Ansible Automation Platform 2 deployment.
This blog details how to deploy Ansible Automation Platform on Google Cloud, and then access the application. This deployment process will be configured to set up Ansible Automation Platform on its own Virtual Private Cloud (VPC) that it creates and manages. We also support deploying into an existing VPC.
To begin, first log into your Google Cloud account. If you have a private offer, ensure that these are accepted for both the foundation and extension node offerings.
Note:
In some scenarios it is really useful to be able to simulate a WAN in regards to latency, jitter, and packet loss. Especially for those of us that work with SD-WAN and want to test or policies in a controlled environment. In this post I will describe how I build a WAN impairment device in Linux for a VMware vSphere environment and how I can simulate different conditions.
My SD-WAN lab is built on VMware vSphere using Catalyst SD-WAN with Catalyst8000v as virtual routers and on-premises controllers. The goal with the WAN impairment device is to be able to manipulate each internet connection to a router individually. That way I can simulate that a particular connection or router is having issues while other connections/routers are not. I don’t want to impose the same conditions on all connections/devices simultaneously. To do this, I have built a physical topology that looks like this:
All devices are connected to a management network that I can access via a VPN. This way I have “out of band” access to all devices and can use SSH to configure my routers with a bootstrap configuration. To avoid having to create many unique VLANs in the vSwitch, Continue reading
Lately I’ve been thinking about a better data protocol for amateur radio.
“Better” is, of course, relative. And the space is so big. Are we talking HF or VHF/UHF? Should it work with existing radios (just working the audio spectrum), or be its own radio? Should it be just RF improvements, or higher networking layers?
In my previous post I started off trying ZMODEM, but was fairly disappointed. The Linux AX.25 implementation sucks, and ZMODEM is too chatty. Every roundtrip is expensive. But even tuning the parameters, there are better ways to avoid needless retransmits and roundtrips.
I’ve started a tool called hamtransfer. The implementation is currently only point-to-point, but the protocol will work for more “bittorrent” style too.
It uses Raptor codes, but I’ll save you some time: It encodes the file (it calls a “block”) into smaller chunks (it calls “symbols”). It then sends the symbols to the receiver, which will be able to reassemble the original block.
The trick is that the set of symbols is infinite, and the block can be assembled by almost any subset of symbols. If the block is 10kB, then with more than Continue reading
Welcome to the Calico monthly roundup: June edition! From open source news to live events, we have exciting updates to share—let’s get into it!
Customer case study: Box Using Calico, Box achieved zero-trust security and policy automation at scale in a multi-cluster environment. Read our new case study to find out how. |
Is your container environment compliant with NIST guidelines? This assessment helps you compare your current security posture against the NIST Cybersecurity Framework and assess your readiness to detect and protect against cyberattacks. |
This bonus episode of Network Break discusses a new free tier of Prosimo's multi-cloud networking offering, the latest ThousandEyes acquisition, new SEC problems for SolarWinds, and a million-dollar refrigerator.
The post Network Break CCCCXXXVII: Summer Holiday Special! appeared first on Packet Pushers.
Emile Aben is describing an interesting behavior observed in the Wild West of the global Internet: someone started announcing BGP paths with an unknown attribute, which (regardless of RFC 7606) triggered some BGP session resets.
One would have hoped we learned something from the August 2010 incident (supposedly caused by a friend of mine 😜), but it looks like some things never change. For more details, watch the Network Security Fallacies and Internet Routing Security webinar.
Emile Aben is describing an interesting behavior observed in the Wild West of the global Internet: someone started announcing BGP paths with an unknown attribute, which (regardless of RFC 7606) triggered some BGP session resets.
One would have hoped we learned something from the August 2010 incident (supposedly caused by a friend of mine 😜), but it looks like some things never change. For more details, watch the Network Security Fallacies and Internet Routing Security webinar.
On the Communications of the ACM web site, Bertrand Meyer argues that (contrary to the exploding hype) AI Does Not Help Programmers:
As a programmer, I know where to go to solve a problem. But I am fallible; I would love to have an assistant who keeps me in check, alerting me to pitfalls and correcting me when I err. A effective pair-programmer. But that is not what I get. Instead, I have the equivalent of a cocky graduate student, smart and widely read, also polite and quick to apologize, but thoroughly, invariably, sloppy and unreliable. I have little use for such supposed help.
Not surprisingly, my experience is pretty close to what he’s describing. AI is the way to go if you want something that looks reasonable (at a first glance), but not if you want to get something right. Unfortunately, there’s a bit of a difference between marketing and engineering: networks that are configured 90% correctly sometimes fail to do what you expect them to do.
On the Communications of the ACM web site, Bertrand Meyer argues that (contrary to the exploding hype) AI Does Not Help Programmers:
As a programmer, I know where to go to solve a problem. But I am fallible; I would love to have an assistant who keeps me in check, alerting me to pitfalls and correcting me when I err. A effective pair-programmer. But that is not what I get. Instead, I have the equivalent of a cocky graduate student, smart and widely read, also polite and quick to apologize, but thoroughly, invariably, sloppy and unreliable. I have little use for such supposed help.
Not surprisingly, my experience is pretty close to what he’s describing. AI is the way to go if you want something that looks reasonable (at a first glance), but not if you want to get something right. Unfortunately, there’s a bit of a difference between marketing and engineering: networks that are configured 90% correctly sometimes fail to do what you expect them to do.
AskJJX: How do you set up and configure Wi-Fi for a two-level office in a crowded office building area (downtown San Francisco across from Moscone Center) with concrete poles all over the place? It was a nightmare. APs were dropping traffic like flies. We were at the point of almost having an intern follow the […]
The post AskJJX: Help! Office Wi-Fi is So Bad An Intern Is Following The CEO Around With An AP appeared first on Packet Pushers.
Packet-level fundamentals are essential for network engineers to be able to diagnose and solve network and application problems. On today's Heavy Networking, we dive into the transport layer and packets with packet analysis expert and instructor Chris Greer.
The post Heavy Networking 688: Packet-Level Fundamentals With Chris Greer appeared first on Packet Pushers.
