Virtual networking 101: Bridging the gap to understanding TAP

Virtual networking 101: Bridging the gap to understanding TAP
Virtual networking 101: Bridging the gap to understanding TAP

It's a never-ending effort to improve the performance of our infrastructure. As part of that quest, we wanted to squeeze as much network oomph as possible from our virtual machines. Internally for some projects we use Firecracker, which is a KVM-based virtual machine manager (VMM) that runs light-weight “Micro-VM”s. Each Firecracker instance uses a tap device to communicate with a host system. Not knowing much about tap, I had to up my game, however, it wasn't easy — the documentation is messy and spread across the Internet.

Here are the notes that I wish someone had passed me when I started out on this journey!

A tap device is a virtual network interface that looks like an ethernet network card. Instead of having real wires plugged into it, it exposes a nice handy file descriptor to an application willing to send/receive packets. Historically tap devices were mostly used to implement VPN clients. The machine would route traffic towards a tap interface, and a VPN client application would pick them up and process accordingly. For example this is what our Cloudflare WARP Linux client does. Here's how it looks on my laptop:

$ ip link list
...
18: CloudflareWARP: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP>  Continue reading

Video: What Is Software-Defined Data Center

A few years ago, I was asked to deliver a What Is SDDC presentation that later became a webinar. I forgot about that webinar until I received feedback from one of the viewers a week ago:

If you like to learn from the teachers with the “straight to the point” approach and complement the theory with many “real-life” scenarios, then ipSpace.net is the right place for you.

I haven’t realized people still find that webinar useful, so let’s make it viewable without registration, starting with What Problem Are We Trying to Solve and What Is SDDC.

You need at least free ipSpace.net subscription to watch videos in this webinar.

Video: What Is Software-Defined Data Center

A few years ago, I was asked to deliver a What Is SDDC presentation that later became a webinar. I forgot about that webinar until I received feedback from one of the viewers a week ago:

If you like to learn from the teachers with the “straight to the point” approach and complement the theory with many “real-life” scenarios, then ipSpace.net is the right place for you.

I haven’t realized people still find that webinar useful, so let’s make it viewable without registration, starting with What Problem Are We Trying to Solve and What Is SDDC.

You need at least free ipSpace.net subscription to watch videos in this webinar.

Juniper Networks to lay off 440 workers as part of $59M restructuring plan

Juniper Networks today said it is laying off 440 workers amidst a $59 million restructuring plan.The restructuring strategy is the result of a review of the company’s business objectives, and it is intended to focus on realigning resources and investments in long-term growth opportunities, the networking vendor wrote in an SEC 8K filing.“The company believes the plan will further allow it to continue to prudently manage operating expenses in order to deliver improved operating margin,” Juniper wrote. “Total costs currently estimated to be incurred in connection with the Plan are approximately $59 million, of which approximately $48 million are expected to result in cash expenditures.”To read this article in full, please click here

Juniper Networks to lay off 440 workers as part of $59M restructuring plan

Juniper Networks today said it is laying off 440 workers amidst a $59 million restructuring plan.The restructuring strategy is the result of a review of the company’s business objectives, and it is intended to focus on realigning resources and investments in long-term growth opportunities, the networking vendor wrote in an SEC 8K filing.“The company believes the plan will further allow it to continue to prudently manage operating expenses in order to deliver improved operating margin,” Juniper wrote. “Total costs currently estimated to be incurred in connection with the Plan are approximately $59 million, of which approximately $48 million are expected to result in cash expenditures.”To read this article in full, please click here

Hedge 197: Old Engineering Books (1)

It’s time for the October Roundtable! This month Eyvonne, Tom, and Russ are reading quotes from an engineering book published in 1911 and reacting to them. How much has engineering changed? How much has engineering stayed the same? How well can advice from a hundred years ago apply to modern engineering problems and life? It turns out that, in spite of their faults, there is a lot of great wisdom in these old books.

download

Breaking Linux files into pieces with the split command

Linux systems provide a very easy-to-use command for breaking files into pieces. This is something that you might need to do prior to uploading your files to some storage site that limits file sizes or emailing them as attachments. To split a file into pieces, you simply use the split command.$ split bigfile By default, the split command uses a very simple naming scheme. The file chunks will be named xaa, xab, xac, etc., and, presumably, if you break up a file that is sufficiently large, you might even get chunks named xza and xzz.Unless you ask, the command runs without giving you any feedback. You can, however, use the --verbose option if you would like to see the file chunks as they are being created.To read this article in full, please click here

Breaking Linux files into pieces with the split command

Linux systems provide a very easy-to-use command for breaking files into pieces. This is something that you might need to do prior to uploading your files to some storage site that limits file sizes or emailing them as attachments. To split a file into pieces, you simply use the split command.$ split bigfile By default, the split command uses a very simple naming scheme. The file chunks will be named xaa, xab, xac, etc., and, presumably, if you break up a file that is sufficiently large, you might even get chunks named xza and xzz.Unless you ask, the command runs without giving you any feedback. You can, however, use the --verbose option if you would like to see the file chunks as they are being created.To read this article in full, please click here

Kubernetes Unpacked 036: What The Heck Is Ingress?

There are a lot of moving parts to Kubernetes. In today's Kubernetes Unpacked, we get into Ingress with guest Whitney Lee. Whitney breaks down her thoughts on Ingress, how she learned it, and how you can gain more knowledge around Ingress and the open-source CNCF projects around Ingress.

The post Kubernetes Unpacked 036: What The Heck Is Ingress? appeared first on Packet Pushers.

What is DNS and how does it work?

The Domain Name System (DNS) is one of the foundations of the internet, working in the background to match the names of web sites that people type into a search box with the corresponding IP address, a long string of numbers that no one could be expected to remember.It's still possible for someone to type an IP address into a browser to reach a website, but most people want an internet address to consist of easy-to-remember words, called domain names. (For example, Network World.)To read this article in full, please click here

Many ways to use the echo command on Linux

The echo command (a bash built-in) is one of the very basic commands on Linux. As with ls and pwd, you can't sit on the command line very long without using it. At the same time, echo has quite a few uses that many of us never take advantage of. So, this post looks into the many ways you can use this command.What is the echo command on Linux? Basically, echo is a command that will display any text that you ask it to display. However, when you type “echo hello”, the echo command isn't only spitting out those five letters, it's actually sending out six characters – the last one being a linefeed. Let's look at a couple of commands that make this obvious.To read this article in full, please click here

Details Emerge On Europe’s First Exascale Supercomputer

Some details are emerging on Europe’s first exascale system, codenamed “Jupiter” and to be installed at the Jülich Supercomputing Center in Germany in 2024.

The post Details Emerge On Europe’s First Exascale Supercomputer first appeared on The Next Platform.

Details Emerge On Europe’s First Exascale Supercomputer was written by Timothy Prickett Morgan at The Next Platform.

Generative AI set to reshape SD-WAN market

There are baseline security and connectivity requirements for any SD-WAN service, and then there are optional, emerging product capabilities that indicate how the market is maturing and customer requirements are expanding. AI networking support – such as for proactive remediation and incident management – is one of those optional capabilities, according to Gartner, which just released its latest analysis of the SD-WAN vendor landscape.There’s a trend toward AI capabilities that enable networking decisions to be made with little or no human intervention. These capabilities can help enterprises to streamline network design, configuration and ongoing management as well as increase agility and improve performance, according to Gartner. The research firm predicts that by 2026, generative AI technology embedded in SD-WAN offerings will be used for 20% of initial network configuration, up from near zero in 2023.To read this article in full, please click here

Generative AI set to reshape SD-WAN market

There are baseline security and connectivity requirements for any SD-WAN service, and then there are optional, emerging product capabilities that indicate how the market is maturing and customer requirements are expanding. AI networking support – such as for proactive remediation and incident management – is one of those optional capabilities, according to Gartner, which just released its latest analysis of the SD-WAN vendor landscape.There’s a trend toward AI capabilities that enable networking decisions to be made with little or no human intervention. These capabilities can help enterprises to streamline network design, configuration and ongoing management as well as increase agility and improve performance, according to Gartner. The research firm predicts that by 2026, generative AI technology embedded in SD-WAN offerings will be used for 20% of initial network configuration, up from near zero in 2023.To read this article in full, please click here

Intel plans spinoff of FPGA unit

Intel announced plans to spin off its programmable solutions group (PSG) as a standalone business beginning January 1, with an IPO to follow in about two to three years. The group will operate as a separate unit in the company’s financials.PSG is the group that handles field-programmable gate array (FPGA) processors made by Altera, which Intel acquired for $16.7 billion in 2015. Sandra Rivera, who currently runs Intel’s data center and AI (DCAI) group, will lead PSG as CEO. The company also plans to search for a new chief financial officer for the group.To read this article in full, please click here

Intel plans spinoff of FPGA unit

Intel announced plans to spin off its programmable solutions group (PSG) as a standalone business beginning January 1, with an IPO to follow in about two to three years. The group will operate as a separate unit in the company’s financials.PSG is the group that handles field-programmable gate array (FPGA) processors made by Altera, which Intel acquired for $16.7 billion in 2015. Sandra Rivera, who currently runs Intel’s data center and AI (DCAI) group, will lead PSG as CEO. The company also plans to search for a new chief financial officer for the group.To read this article in full, please click here

Uncovering the Hidden WebP vulnerability: a tale of a CVE with much bigger implications than it originally seemed

Uncovering the Hidden WebP vulnerability: a tale of a CVE with much bigger implications than it originally seemed
Uncovering the Hidden WebP vulnerability: a tale of a CVE with much bigger implications than it originally seemed

At Cloudflare, we're constantly vigilant when it comes to identifying vulnerabilities that could potentially affect the Internet ecosystem. Recently, on September 12, 2023, Google announced a security issue in Google Chrome, titled "Heap buffer overflow in WebP in Google Chrome," which caught our attention. Initially, it seemed like just another bug in the popular web browser. However, what we discovered was far more significant and had implications that extended well beyond Chrome.

Impact much wider than suggested

The vulnerability, tracked under CVE-2023-4863, was described as a heap buffer overflow in WebP within Google Chrome. While this description might lead one to believe that it's a problem confined solely to Chrome, the reality was quite different. It turned out to be a bug deeply rooted in the libwebp library, which is not only used by Chrome but by virtually every application that handles WebP images.

Digging deeper, this vulnerability was in fact first reported in an earlier CVE from Apple, CVE-2023-41064, although the connection was not immediately obvious. In early September, Citizen Lab, a research lab based out of the University of Toronto, reported on an apparent exploit that was being used to attempt to install spyware on the iPhone Continue reading

1 230 231 232 233 234 3,856