CCDE – Inter AS L3 VPNs

Introduction

Sometimes a customer needs an L3 VPN between two locations where the same SP is not present. This can be on a national or international basis. It would be possible to buy an Internet circuit and run an overlay such as DMVPN, but what if the customer wants to buy an MPLS VPN circuit?

The customer could buy a VPN from SP1 in location1 and a VPN from SP2 in location2. The two SPs would then have to exchange traffic somehow to make the customer circuit end to end. The concept is shown in the following topology.

Inter-AS-L3VPN Overview

The customer connects to the PE of each of the SPs. The SPs need to interconnect at some common point, either through a public peering place such as an IX or with a private interconnect at a common location. The routers that connect to each other are called autonomous system border routers (ASBR). There are three main options and a fourth option which combines two of the others.

Inter-AS Option A

Option A is the simplest of the options to interconnect the ASBRs. Each customer VRF requires either a physical interface or, more likely, a subinterface. Option A has …

DOD to invite security experts to Hack the Pentagon

The U.S. Department of Defense plans to ask computer security experts to Hack the Pentagon as part of a push to improve its cyber defenses. The initiative is similar to the bug bounty programs run by commercial software companies seeking to reward hackers who report security vulnerabilities in code. The DOD says it's the first cyber bug bounty program in the history of the federal government. The DOD program, which will launch in April, will ask participants to examine its public Web pages, searching out vulnerabilities and attack launching points. But the program will only go that far. The DOD's classified networks will be off-limits to the participants, and they won't be free to launch actual attacks on any of the department's public-facing sites.

Video: What’s New in Docker Swarm 1.1

Last week we released our Docker Datacenter solution to the world, bringing container management and deployment to the enterprise with an on-premises Containers-as-a-Service platform. Universal Control Plane, part of the Docker Datacenter solution, enables IT operations teams to manage and …

Datanauts 025: Moving To The Cloud: IaaS Lessons Learned

The Datanauts talk pros and cons of adopting IaaS with guest Steve Winwood, a technical architect with direct experience in IaaS usage. We talk about when IaaS makes sense vs. building your own infrastructure, considerations for choosing a provider, how cloud app deployment is different, how to understand and manage costs, and more.

The post Datanauts 025: Moving To The Cloud: IaaS Lessons Learned appeared first on Packet Pushers.

You Want Your Network to Be like Google’s? Really?

This article was initially sent to my SDN mailing list.

During one of my SDN workshops one of the attendees working for a mid-sized European ISP asked me this question:

Our management tells us we should build our network like Google does, including building our own switches. Where should we start?

The only answer I could give him was “You don’t have a chance.”

Estimating the Revenue of a Russian DDoS Booter

At the end of 2014, ASERT presented research where we mapped some DDoS booter advertisements on Russian language forums to their behind-the-scenes DDoS botnet infrastructures. For this post, we will follow up on that research a bit by looking at another one of these mappings and trying to estimate the revenue generated by the DDoS […]

Turkish citizen charged with masterminding $55M ATM fraud pleads guilty

A Turkish citizen who led an operation that hacked into the systems of credit and debit card processing companies between 2011 and 2013 has pleaded guilty in a court in New York, according to officials. Ercan Findikoglu, 34, also known by his online nicknames Segate, Predator, and Oreon, pleaded guilty to computer intrusion conspiracy, access device fraud conspiracy, and effecting transactions with unauthorized access devices before District Court Judge Kiyo A. Matsumoto of the U.S. District Court for the Eastern District of New York. Findikoglu was arrested in Germany in 2013 and was extradited to the U.S. in 2015. He could face up to over 57 years of imprisonment on sentencing, according to the U.S. Attorney’s Office in the Eastern District of New York. The operations of his group inflicted more than US$55 million in losses on the global financial system, it added.

From Multi-Vendor To Single-Vendor

Careers take a funny turn a lot of times. Opportunities come up that you weren’t expecting and the timing is never as perfect as you want it to be. At least, that is how it has always been with me. I’ve learned though, that sometimes the best thing for you is to charge full speed ahead through the door, roll the dice, and take your chances. That is where I find myself right now. Having accepted an offer from Aerohive Networks to serve in a pre-sales engineering role in my local area, I am leaving behind a job and a company that I have enjoyed tremendously. Yes, there were times when I had to be talked off the ledge and keep on going. I think that comes with most jobs though. Overall, it has been a very rewarding almost 5 years working for a value added reseller (VAR) and I will miss it greatly.

In the span of a few months, I had to decide to give up the following:

1. Multi-vendor implementations and support.
2. Studying for the CCIE Wireless lab exam with 1 failed lab attempt already under my belt.
3. Involvement with other vendors courtesy of social media (blogging, …

Netronome Brings Virtual Networking Hardware Offload To Busy CPUs

Netronome Agilio is a niche play for customers with specific compute requirements centered around OVS and, soon, Juniper Contrail. The majority of data center owners are likely to find that they just don't have the problems that Netronome is solving, but those that do will be pleased that Netronome exists.

The post Netronome Brings Virtual Networking Hardware Offload To Busy CPUs appeared first on Packet Pushers.

The FBI should try to unlock a shooter’s iPhone without Apple’s help, a lawmaker says

The FBI might be able to copy the hard drive of an iPhone used by a mass shooter without triggering the device's auto-erase functions, thus eliminating the agency's need to take Apple to court, a company executive said Tuesday. Instead of forcing Apple to help defeat the iPhone password security that erases the device's contents after 10 unsuccessful attempts, it may be possible to make hundreds of copies of the hard drive, said Bruce Sewell, Apple's senior vice president and general counsel. Apple doesn't know the condition of the iPhone used by San Bernardino mass shooter Syed Rizwan Farook, so it's unclear if mirroring the hard drive would work, but it's possible, Sewell said during a congressional hearing.

Social media cyberstalker gets 10 years in slammer

A 31-year-old Florida man got 10 years behind bars for hacking women’s social media accounts including Facebook, stealing pictures and personal information and posting it on pornographic websites. Specifically, Michael Rubens was sentenced to 10 years in prison for cyberstalking, unauthorized access to a protected computer and aggravated identity theft, a $15,000 fine and $1,550 in restitution for his crimes, according to acting Northern District of Florida U.S. Attorney Christopher Canova.

The 3 fixes needed to get the network ready for the IoT revolution

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Cisco estimates 50 billion devices and objects will be connected to the Internet by 2020. And that estimate may be low. If consumers count every device that draws power in their home – lamps, light bulbs, kitchen gadgets – and then factor in objects at work, there may be many more billions of connected devices by then.

But the problem is, many traditional networks are still manual, static and complex, which isn’t ideal for IoT.  To realize the promise of a hyper-connected future, three shifts must take place.

How the Agile Manifesto can apply to the database

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In 2001, a bunch of people got together and wrote a manifesto on Agile software. There were two main factors that made the output suspect. First, the fact that they even called it a manifesto. Second, the manifesto had nothing to do with software. It talked about values.

For those in need of a refresher, here’s the “Manifesto for Agile Software Development:”

We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:
-- Individuals and interactions over processes and tools
-- Working software over comprehensive documentation
-- Customer collaboration over contract negotiation
-- Responding to change over following a plan
That is, while there is value in the items on the right, we value the items on the left more.

Somewhere along the line, we started doing daily standups, two-week sprints, maybe a little pair programming here and there. Since then our software output and productivity have sky-rocketed. Remember when we used to have an end-of-project company bug hunt? How about the integration …