IPv6 Buzz 127: IPv6 Security And Firewalls
In this episode, Ed and Tom interview Scott on the topic of IPv6 security and firewalls. This is one of Scott's many areas of expertise as he is the co-author of IPv6 Security from Cisco Press. They discuss firewalls strategies, design and operational considerations, pros and cons of a dual-stack approach, and more.IPv6 Buzz 127: IPv6 Security And Firewalls
In this episode, Ed and Tom interview Scott on the topic of IPv6 security and firewalls. This is one of Scott's many areas of expertise as he is the co-author of IPv6 Security from Cisco Press. They discuss firewalls strategies, design and operational considerations, pros and cons of a dual-stack approach, and more.
The post IPv6 Buzz 127: IPv6 Security And Firewalls appeared first on Packet Pushers.
Cloudflare is deprecating Railgun
Cloudflare will deprecate the Railgun product on January 31, 2024. At that time, existing Railgun deployments and connections will stop functioning. Customers have the next eight months to migrate to a supported Cloudflare alternative which will vary based on use case.
Cloudflare first launched Railgun more than ten years ago. Since then, we have released several products in different areas that better address the problems that Railgun set out to solve. However, we shied away from the work to formally deprecate Railgun.
That reluctance led to Railgun stagnating and customers suffered the consequences. We did not invest time in better support for Railgun. Feature requests never moved. Maintenance work needed to occur and that stole resources away from improving the Railgun replacements. We allowed customers to deploy a zombie product and, starting with this deprecation, we are excited to correct that by helping teams move to significantly better alternatives that are now available in Cloudflare’s network.
We know that this will require migration effort from Railgun customers over the next eight months. We want to make that as smooth as possible. Today’s announcement features recommendations on how to choose a replacement, how to get started, and guidance on where you Continue reading
Reduce latency and increase cache hits with Regional Tiered Cache
Today we’re excited to announce an update to our Tiered Cache offering: Regional Tiered Cache.
Tiered Cache allows customers to organize Cloudflare data centers into tiers so that only some “upper-tier” data centers can request content from an origin server, and then send content to “lower-tiers” closer to visitors. Tiered Cache helps content load faster for visitors, makes it cheaper to serve, and reduces origin resource consumption.
Regional Tiered Cache provides an additional layer of caching for Enterprise customers who have a global traffic footprint and want to serve content faster by avoiding network latency when there is a cache miss in a lower-tier, resulting in an upper-tier fetch in a data center located far away. In our trials, customers who have enabled Regional Tiered Cache have seen a 50-100ms improvement in tail cache hit response times from Cloudflare’s CDN.
What problem does Tiered Cache help solve?
First, a quick refresher on caching: a request for content is initiated from a visitor on their phone or computer. This request is generally routed to the closest Cloudflare data center. When the request arrives, we look to see if we have the content cached to respond to Continue reading
RIPE 86 Bites – Gigabits for EU
RIPE held a community meeting in May in Rotterdam. There were a number of presentations that sparked my interest, but rather than write my impressions in a single lengthy note, I thought I would just take a couple of topics and use a shorter, and hopefully more readable bite-sized format. Here’s the first of these bite-sized notes from the RIPE 86 meeting , on the topic of the Eu Gigabit Connectivity initiative.Source IP Address in Multicast Packets
One of my readers sent me this (paraphrased) question:
What I have seen in my network are multicast packets with the IP source address set to 0.0.0.0 and source port set to 0. Is that considered acceptable? Could I use a multicast IP address as a source address?
TL&DR: **** NO!!!
It also seemed like a good question to test ChatGPT, and this time it did a pretty good job.
Source IP Address in Multicast Packets
One of my readers sent me this (paraphrased) question:
What I have seen in my network are multicast packets with the IP source address set to 0.0.0.0 and source port set to 0. Is that considered acceptable? Could I use a multicast IP address as a source address?
TL&DR: **** NO!!!
It also seemed like a good question to test ChatGPT, and this time it did a pretty good job.
More Power – And Cooling – To You
Just below the massive hyperscalers and cloud builders there is another set of dozens of datacenter operators who provide cloud and co-location services on a multinational basis to enterprises, governments, and academic institutions. …
More Power – And Cooling – To You was written by Timothy Prickett Morgan at The Next Platform.
Calico monthly roundup: May 2023
Welcome to the Calico monthly roundup: May edition! From open source news to live events, we have exciting updates to share—let’s get into it!
Customer case study: Rafay Rafay achieved turnkey Kubernetes security using Calico on AWS. Read our new case study to find out how. |
New guide: CISO’s security guide to containers and Kubernetes This guide provides CISOs and other security decision-makers with an overview of container security, insights into securing Kubernetes landscapes and container-based applications, and why securing these technologies requires a unique approach. |
Tigera Named Winner of the Esteemed Global InfoSec Awards during RSA Conference 2023 We’re excited to announce that we won the ‘Hot Company: Container Security’ category of the Global InfoSec Awards from Cyber Defense Magazine! Check out the full press release for more details. Read the press release. |
Open source news
- Calico Wall of Fame – As a valued member of our Calico users community, we would like to feature you on our NEW Project Calico Wall of Fame. To participate, fill out the form here.
- Flagsmith & Project Calico Interview – In this podcast, Ben Rometsch from Flasgsmith interviews Tigera’s Shaun Crampton about his experiences as Continue reading
Writing An IETF Draft: Document Streams And Document Status
So far in this series we’ve discussed the history of the IETF, some of the tools you might want to use when building an IETF submission, and document formatting. There are other seemingly mystical concepts in the IETF process as well—for instance, what is a “document stream,” and what is a document’s “status?” Let’s look […]
The post Writing An IETF Draft: Document Streams And Document Status appeared first on Packet Pushers.
The Balancing Act Of HPE’s Systems Business
There is perhaps no better logo for Hewlett Packard Enterprise than the box. …
The Balancing Act Of HPE’s Systems Business was written by Timothy Prickett Morgan at The Next Platform.