I2RS and Remote Triggered Black Holes
In our last post, we looked at how I2RS is useful for managing elephant flows on a data center fabric. In this post, I want to cover a use case for I2RS that is outside the data center, along the network edge—remote triggered black holes (RTBH). Rather than looking directly at the I2RS use case, however, it’s better to begin by looking at the process for creating, and triggering, RTBH using “plain” BGP. Assume we have the small network illustrated below—
In this network, we’d like to be able to trigger B and C to drop traffic sourced from 2001:db8:3e8:101::/64 inbound into our network (the cloudy part). To do this, we need a triggering router—we’ll use A—and some configuration on the two edge routers—B and C. We’ll assume B and C have up and running eBGP sessions to D and E, which are located in another AS. We’ll begin with the edge devices, as the configuration on these devices provides the setup for the trigger. On B and C, we must configure—
- Unicast RPF; loose mode is okay. With loose RPF enabled, any route sourced from an address that is pointing to a null destination in the routing table will Continue reading
IoT Botnet To Blame for Big DDoS Attack
The infamous Mirai was the likely culprit.
Swisscom, UKCloud Adopt Red Hat OpenStack Platform
Swisscom will use OpenStack to develop its own cloud platform.
High Availability for RHV-M
Hi folks, so time ago (years?) I wrote about how to put together High Availability for RHV-M. At the time the actual configuration that I proposed was solid, if a little unorthodox. Still, it certainly left room for improvement. In this week’s post, I’m updating the configuration with something that Red Hat fully supports. They refer to the configuration as Self-Hosted Engine.
Why Hosted Engine?
The primary benefits to using the Self-Hosted Engine, or “HE”, is that it provides a fully supported HA configuration for RHV-M as well as a smaller overall footprint as compared to a traditional deployment of RHV. Also, RHV-M is delivered as an appliance for the HE configuration, so the entire process is streamlined. Who doesn’t like that?
Let’s go back to the smaller footprint statement a few times though.. First off, in a traditional deployment of RHV, you have RHV-M, plus hosts. That deployment of RHV may be on a bare-metal host or it may be on a VM in a different virtualization environment. Regardless, you’re already using up resources and software subscriptions that you may not want to use. Not to mention the fact that it may cause you to cross-deploy resource across Continue reading
Operators Want Flexibility & Reduced Costs From SD-WAN & vCPE, Report Says
Service providers want reduced costs while the enterprise looks for flexibility.
Yahoo! User Data Breach: The Case for Pervasive Security and Monitoring
These breaches are now affecting millions and sometimes hundreds of millions of people.
What are the Top NFV Risks for Carriers?
In the move to the telco cloud and NFV, there are a number of risks associated with implementing a fully virtualized system.
Worth Reading: Hack Cameras, DVRs, and DDoS
The post Worth Reading: Hack Cameras, DVRs, and DDoS appeared first on 'net work.