KulCloud's Dipjyoti Saikia and Nikhil Malik discussed the primary use cases where PRISM can play a defining role. Read the full Q&A here!
One of the great things about APNIC is the amount of information about the state of the Internet Geoff Huston puts out each year. He’s recently posted two studies on the state of BGP and the state of IPv4 addresses as of 2015; they’re both well worth reading in full, but here are several key takeaways of particular interest.
BGP in 2015
Addressing in 2015
First, the size of the global (DFZ) table has crossed 512,000 routes. While the actual table size varies by your view of the network (BGP is a path vector protocol, which has many of the same attributes as a distance-vector protocol, including multiple views of the network), this is the first time the route view servers have actually crossed that number. Why is 512,000 a magic number? If there are 512,000 routes, there are likely 512,000 FIB entries (unless there’s some sort of FIB compression involved), and there are a number of older boxes that cannot support 512,000 routes in their FIB.
Second, the DFZ has been growing at a rate of about 7%-8% per year for a number of years. Given the number of new devices being added to the Internet, how can this Continue reading
The attitude of breach presumption is one that has fostered a family of seek-and-destroy security products. Find the infected system and fix it. Fair enough. Breach presumption is perhaps a wise posture to take, but it doesn’t mean we have to give up the perimeter. While some security consultants I’ve talked to tell me they […]
The post Skyport Systems: Fortress Infrastructure appeared first on Packet Pushers.
The attitude of breach presumption is one that has fostered a family of seek-and-destroy security products. Find the infected system and fix it. Fair enough. Breach presumption is perhaps a wise posture to take, but it doesn’t mean we have to give up the perimeter. While some security consultants I’ve talked to tell me they […]
The post Skyport Systems: Fortress Infrastructure appeared first on Packet Pushers.
Emerging standards for WiFi, Ethernet and more are poised to shatter the limitations of enterprise networking.
Leveraging unused fiber optic cables is becoming practical for more than large corporations.
Howdy. By now I hope y’all realize I don’t pull any punches and no subject is off-limits. Having said that, I want be upfront and say this subject is very near and dear to my heart and is one of my main areas of work for almost two years. I’ll do my best to be […]
The post Why Compatibility And Support Don’t Justify $1000 Optics appeared first on Packet Pushers.
Howdy. By now I hope y’all realize I don’t pull any punches and no subject is off-limits. Having said that, I want be upfront and say this subject is very near and dear to my heart and is one of my main areas of work for almost two years. I’ll do my best to be […]
The post Why Compatibility And Support Don’t Justify $1000 Optics appeared first on Packet Pushers.
I’ve found that when working with Fortigate firewalls and needing to be able to use the debug flow command set, it takes a bit too long to manually type out the commands. If you’re in a pressurised environment saving a few seconds here and there can be valuable. First we need to grab the script […]
The post Debug Generator – Fortigate Flow Trace appeared first on Packet Pushers.
I’ve found that when working with Fortigate firewalls and needing to be able to use the debug flow command set, it takes a bit too long to manually type out the commands. If you’re in a pressurised environment saving a few seconds here and there can be valuable. First we need to grab the script […]
The post Debug Generator – Fortigate Flow Trace appeared first on Packet Pushers.
More on BGP Table Version – the most unknown and unexplained, BGP concept/value that I rarely ever troubleshoot without This is part 2 in the 3 part series of “Understanding the BGP Table Version”. If you haven’t already read part... Read More ›
The post Understanding the BGP Table Version – Part 2: Example appeared first on Networking with FISH.
It all started with a tweet by Stephane Clavel:
@ioshints @BradHedlund I'm puzzled NSX dFW does not track connections seq #. Still true? To me this is std fw feature.
— stephaneclavel (@stephaneclavel) January 31, 2016
Trying to fit my response into the huge Twitter reply field I wrote “Tracking Seq# on FW should be mostly irrelevant with modern TCP stacks” and when Gal Sagie asked for more elaboration, I decided it’s time to write a blog post.
Read more ...