0

Launching our new Open Source Software Sponsorships Program

In 2018, we first launched our Open Source Software Sponsorships program, and since then, we've been listening to your feedback, and realized that it's time to introduce a fresh and enhanced version of the program that's more inclusive and better addresses the needs of the OSS community.

Previously, our sponsorship focused on engineering tools, but we're excited to announce that we've now opened it to include any non-profit and open source projects.

Program criteria and eligibility

To qualify for our Open Source Sponsorship Program, projects must be open source and meet the following criteria:

1. Operate on a non-profit basis.
2. Include a link back to our home page.

Please keep in mind that this program isn't intended for event sponsorships, but rather for project-based support.

Sponsorship benefits

As part of our sponsorship program, we offer the following benefits to projects:

• Free Cloudflare Pro Plan zone upgrade.
• Access to requested products (subject to the approval of the product team).
• Additional resources and support through our community forums and Discord server.

Can Cloudflare help your open source project be successful and sustainable? Fill out the application form to submit your project Continue reading

0

Announcing Cohort #2 of the Workers Launchpad

We launched the $2B Workers Launchpad Funding Program in late 2022 to help support the over one million developers building on Cloudflare’s Developer Platform, many of which are startups leveraging Cloudflare to ship faster, scale more efficiently, and accelerate their growth.

Cohort #1 wrap-up

Since announcing the program just a few months ago, we have welcomed 25 startups from all around the world into our inaugural cohort and recently wrapped up the program with the Demo Day. Cohort #1 gathered weekly for Office Hours with our Solutions Architects for technical advice and the Founders Bootcamp, where they spent time with Cloudflare leadership, preview upcoming products with our Developer Platform Product Managers, and receive advice on a wide range of topics such as how to build Sales teams and think about the right pricing model for your product.

Learn more about what these companies are building and what they’ve been up to below:

Authdog

Identity and Access Management streamlined.

Demo Day pitch

Why they chose Cloudflare
“Cloudflare is the de facto Infrastructure for building resilient serverless products, it was a no-brainer to migrate to Cloudflare Workers to build the most frictionless experience for our customers.”

Recent updates
Learn more about Continue reading

0

How to Upgrade an Aging Network Infrastructure With Ease

When your enterprise network begins showing signs of age, it's time for an upgrade. Learn how to handle the task with minimal frustration and disruption.

0

YOU are the community

New year, new role, new strategy…2023 is officially the year when I return to my roots. Back in 2014, I officially became part of the Ansible community. Admittingly, back then my focus was solely on figuring out how to best demonstrate to my customers the power of having a OpenStack private cloud. Anyone who has ever stood up or experimented with OpenStack knows that this is a tall order. Imagine having to stand up that platform over and over again on a daily basis. My focus was to find a way—a tool—that could help me do that, so I could focus on helping solve the customers' true challenges. Fast forward to now, and the decision to do it with Ansible still stands as the best choice hands down.

Many of you have stories just like mine. You are seeking out a way to simplify your daily tasks, so you can focus on the business. Just like me, you have decided that Ansible is the tool to do it. Before I started in this new role, I did some reflecting on my experience as part of the community. I have so many encouraging, positive, and fun stories I could share. Our Continue reading

0

Frontier still reigns as world’s fastest supercomputer

For the third time in a row, Frontier is ranked number one among the world’s fastest supercomputers, and it remains the only whose fastest speed exceeds one exaFLOPS.At 1.194 quintillion floating point operations per second (FLOPS), Frontier kept its ranking with more than double the top speed of its nearest competitor, according to the list compiled by TOP500, which issues the rankings twice a year. A quintillion is 1018 or one exaFLOPS (EFLOPS).The number two machine, Fugaku, maxed out at 442.01petaFLOPS. A petaFLOPS is 1015 FLOPS.Two competitors in the top 10 improved their speeds since the last ranking period that ended in November 2022, but not nearly enough to even draw close. Those two—LUMI and Leonardo—rank third and fourth, respectively.To read this article in full, please click here

0

Frontier still reigns as world’s fastest supercomputer

For the third time in a row, Frontier is ranked number one among the world’s fastest supercomputers, and it remains the only whose fastest speed exceeds one exaFLOPS.At 1.194 quintillion floating point operations per second (FLOPS), Frontier kept its ranking with more than double the top speed of its nearest competitor, according to the list compiled by TOP500, which issues the rankings twice a year. A quintillion is 1018 or one exaFLOPS (EFLOPS).The number two machine, Fugaku, maxed out at 442.01petaFLOPS. A petaFLOPS is 1015 FLOPS.Two competitors in the top 10 improved their speeds since the last ranking period that ended in November 2022, but not nearly enough to even draw close. Those two—LUMI and Leonardo—rank third and fourth, respectively.To read this article in full, please click here

0

Simplify netlab Topologies with Link Groups

Last month I described how you can simplify your VLAN- or VRF lab topologies with VRF- and VLAN links, automatically setting vlan.access or vrf attribute on a set of links. Link groups allow you to do the same for any set of link attributes.

Sample Topology

Imagine you have a small network with three PE-routers connected to a central P-router:

0

Simplify netlab Topologies with Link Groups

Last month I described how you can simplify your VLAN- or VRF lab topologies with VRF- and VLAN links, automatically setting vlan.access or vrf attribute on a set of links. Link groups allow you to do the same for any set of link attributes.

Sample Topology

Imagine you have a small network with three PE-routers connected to a central P-router:

0

YOU are the community

YOU are the community

New year, new role, new strategy...2023 is officially the year when I return to my roots. Back in 2014, I officially became part of the Ansible community. Admittingly, back then my focus was solely on figuring out how to best demonstrate to my customers the power of having a OpenStack private cloud. Anyone who has ever stood up or experimented with OpenStack knows that this is a tall order. Imagine having to stand up that platform over and over again on a daily basis. My focus was to find a way---a tool---that could help me do that, so I could focus on helping solve the customers' true challenges. Fast forward to now, and the decision to do it with Ansible still stands as the best choice hands down.

Many of you have stories just like mine. You are seeking out a way to simplify your daily tasks, so you can focus on the business. Just like me, you have decided that Ansible is the tool to do it. Before I started in this new role, I did some reflecting on my experience as part of the community. I have so many encouraging, positive, and fun Continue reading

0

VPP MPLS – Part 3

About this series

Special Thanks: Adrian vifino Pistol for writing this code and for the wonderful collaboration!

Ever since I first saw VPP - the Vector Packet Processor - I have been deeply impressed with its performance and versatility. For those of us who have used Cisco IOS/XR devices, like the classic ASR (aggregation service router), VPP will look and feel quite familiar as many of the approaches are shared between the two.

In the [first article] of this series, I took a look at MPLS in general, and how setting up static Label Switched Paths can be done in VPP. A few details on special case labels (such as Implicit Null which enabled the fabled Penultimate Hop Popping) were missing, so I took a good look at them in the [second article] of the series.

This was all just good fun but also allowed me to buy some time for @vifino who has been implementing MPLS handling within the Linux Control Plane plugin for VPP! This final article in the series shows the engineering considerations that went in to writing the plugin, which is currently under review but reasonably complete. Considering the VPP Continue reading

0

Worth Reading: Trapped by Technology Fallacies

Michele Chubirka published a must-read article on technology fallacies including this gem:

Technologists often assume that all problems can be beaten into submission with a technology hammer.

As I’ve been saying for ages (not that anyone would listen): all the technology in the world won’t save you unless you change the mentality and rearchitect broken processes.

0

Worth Reading: Trapped by Technology Fallacies

Michele Chubirka published a must-read article on technology fallacies including this gem:

Technologists often assume that all problems can be beaten into submission with a technology hammer.

As I’ve been saying for ages (not that anyone would listen): all the technology in the world won’t save you unless you change the mentality and rearchitect broken processes.

0

NVA Part III: NVA Redundancy – Connection from the Internet

This chapter is the first part of a series on Azure's highly available Network Virtual Appliance (NVA) solutions. It explains how we can use load balancers to achieve active/active NVA redundancy for connections initiated from the Internet.

In Figure 4-1, Virtual Machine (VM) vm-prod-1 uses the load balancer's Frontend IP address 20.240.9.27 to publish an application (SSH connection) to the Internet. Vm-prod-1 is located behind an active/active NVA FW cluster. Vm-prod-1 and NVAs have vNICs attached to the subnet 10.0.2.0/24.

Both NVAs have identical Pre- and Post-routing policies. If the ingress packet's destination IP address is 20.240.9.27 (load balancer's Frontend IP) and the transport layer protocol is TCP, the policy changes the destination IP address to 10.0.2.6 (vm-prod-1). Additionally, before routing the packet through the Ethernet 1 interface, the Post-routing policy replaces the original source IP with the IP address of the egress interface Eth1.

The second vNICs of the NVAs are connected to the subnet 10.0.1.0/24. We have associated these vNICs with the load balancer's backend pool. The Inbound rule binds the Frontend IP address to the Backend pool and defines the load-sharing policies. In our example, the packets of SSH connections from the remote host to the Frontend IP are distributed between NVA1 and NVA2. Moreover, an Inbound rule determines the Health Probe policy associated with the Inbound rule.

Note! Using a single VNet design eliminates the need to define static routes in the subnet-specific route table and the VM's Linux kernel. This solution is suitable for small-scale implementations. However, the Hub-and-Spoke VNet topology offers simplified network management, enhanced security, scalability, performance, and hybrid connectivity. I will explain how to achieve NVA redundancy in the Hub-and-Spoke VNet topology in upcoming chapters.

Figure 4-1: Example Diagram. 

0

Why Is Source Address Validation Still a Problem?

I mentioned IP source address validation (SAV) as one of the MANRS-recommended actions in the Internet Routing Security webinar but did not go into any details (as the webinar deals with routing security, not data-plane security)… but I stumbled upon a wonderful companion article published by RIPE Labs: Why Is Source Address Validation Still a Problem?.

The article goes through the basics of SAV, best practices, and (most interesting) using free testing tools to detect non-compliant networks. Definitely worth reading!

0

Why Is Source Address Validation Still a Problem?

I mentioned IP source address validation (SAV) as one of the MANRS-recommended actions in the Internet Routing Security webinar but did not go into any details (as the webinar deals with routing security, not data-plane security)… but I stumbled upon a wonderful companion article published by RIPE Labs: Why Is Source Address Validation Still a Problem?.

The article goes through the basics of SAV, best practices, and (most interesting) using free testing tools to detect non-compliant networks. Definitely worth reading!

0

Simplifying Complex Fabrics with Open Source Based Solutions

SONiC helps bring ease of application workload management and data traffic across core to cloud to edge

0

Weekend Reads 051923

When it comes to understanding what exactly confidential computing entails, it all begins with a trusted execution environment (TEE) that is rooted in hardware.

So, just for fun, we pulled out the trust Excel spreadsheet and tried to estimate what the feeds and speeds of the MI300 and the MI300A GPUs, the latter of which will be at the heart of the El Capitan system might be. Y

The popular PC storage manufacturer, Western Digital, has confirmed that it experienced a network security breach earlier this year, in which an unauthorized third party gained control of several of its systems.

How bad is the human security weakness problem? Verizon’s 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement.

On 13 April 2023, through our recently launched Threat Intelligence Data Feeds (TIDF), we identified more than 1 million suspicious and malicious domains that figured in phishing, malware distribution, spam, and other cyber attacks, such as brute-force and distributed denial-of-service (DDoS) attacks.

Although honeypots are an effective solution for tracking attackers and preventing data theft, they have yet to be widely adopted due to their setup and maintenance difficulties.

If you want to get a sense of Continue reading

0

Heavy Networking 680: Speed Up Mean Time To WAN Innocence With Broadcom NetOps (Sponsored)

It's common for SD-WAN vendors to offer monitoring as part of the solution, but leaves the question … how do I monitor the rest of the network? Today’s sponsor Broadcom offers digital experience monitoring that is independent of the underlying WAN infrastructure. We explore how it works with guest is Jeremy Rossbach, Chief Technical Evangelist, NetOps by Broadcom.

0

Heavy Networking 680: Speed Up Mean Time To WAN Innocence With Broadcom NetOps (Sponsored)

It's common for SD-WAN vendors to offer monitoring as part of the solution, but leaves the question … how do I monitor the rest of the network? Today’s sponsor Broadcom offers digital experience monitoring that is independent of the underlying WAN infrastructure. We explore how it works with guest is Jeremy Rossbach, Chief Technical Evangelist, NetOps by Broadcom.

The post Heavy Networking 680: Speed Up Mean Time To WAN Innocence With Broadcom NetOps (Sponsored) appeared first on Packet Pushers.

0

UK announces $1.2B chip strategy, faces criticism over funding size

The UK government has finally unveiled its delayed 10-year strategy for supporting the country’s semiconductor industry, which includes £1 billion ($1.24 billion) in  investments to drive research and development efforts and shore up the industry’s talent pipeline.More than two years after the strategy was first promised, Prime Minister Rishi Sunak announced the policy Friday at a meeting of leaders of the G7 group of nations in Japan, coinciding with an agreement to launch a "semiconductors partnership" between the two countries in order to boost supply-chain resilience.“Semiconductors underpin the devices we use every day and will be crucial to advancing the technologies of tomorrow,” Sunak said in a statement. “Our new strategy focuses our efforts on where our strengths lie, in areas like research and design, so we can build our competitive edge on the global stage.”To read this article in full, please click here