Secret Sauce – vSphere Distributed Services Engine – Packet Pushers Livestream w/ Dell Technologies – Video

The vSphere Distributed Services Engine, part of vSphere 8.0, aims to help accelerate infrastructure network functions on the DPU. It enables modern distributed workloads to run with lower network latency and improved data throughput and provides more CPU resources to workloads and reduces operational overhead of DPU lifecycle management with integrated vSPhere workflows. In this […]

The post Secret Sauce – vSphere Distributed Services Engine – Packet Pushers Livestream w/ Dell Technologies – Video appeared first on Packet Pushers.

Digital platform conductors help manage hybrid networks

One of the biggest technology challenges organizations face is managing an increasingly complex environment that might include multiple cloud services and providers, on-site data centers, edge systems and other components.An emerging solution is an orchestration tool that taps into cloud management data, edge systems and on-premises infrastructure to provide a full picture of the environment and come up with recommendations to improve the flow of business workloads, cut costs, and streamline processes.To read this article in full, please click here

Digital Platform Conductor (DPC) tools help manage hybrid infrastructure

One of the biggest technology challenges organizations face is managing an increasingly complex environment that might include multiple cloud services and providers, on-site data centers, edge systems and other components.An emerging solution is an orchestration tool that taps into cloud management data, edge systems and on-premises infrastructure to provide a full picture of the environment and come up with recommendations to improve the flow of business workloads, cut costs and streamline processes.To read this article in full, please click here

Edgio adds advanced DDoS protection with other WAAP enhancements

The CDN provider's new DDoS scrubbing offering impersonates the customer’s network to phase out malicious traffic, and employs advanced IP masking at source to prevent direct-to-origin attacks.

Edgio adds advanced DDoS protection with other WAAP enhancements

The CDN provider's new DDoS scrubbing offering impersonates the customer’s network to phase out malicious traffic, and employs advanced IP masking at source to prevent direct-to-origin attacks.

Video: Packet Buffers in Data Center ASICs

A few years ago, we were fortunate enough to have Pete Lumbis talking about ASICs for Networking Engineers as part of the Data Center Fabric Architectures webinar.

One of the topics he couldn’t possibly skip was the question of how many packet buffers one needs in a data center switch.

Video: Packet Buffers in Data Center ASICs

A few years ago, we were fortunate enough to have Pete Lumbis talking about ASICs for Networking Engineers as part of the Data Center Fabric Architectures webinar.

One of the topics he couldn’t possible skip was the question of how many packet buffers one needs in a data center switch.

Case Study: VPP at Coloclue, part 2

• Author: Pim van Pelt, Rogier Krieger
• Reviewers: Coloclue Network Committee
• Status: Draft - Review - Published

Almost precisely two years ago, in February of 2021, I created a loadtesting environment at [Coloclue] to prove that a provider of L2 connectivity between two datacenters in Amsterdam was not incurring jitter or loss on its services – I wrote up my findings in [an article], which demonstrated that the service provider indeed provides a perfect service. One month later, in March 2021, I briefly ran [VPP] on one of the routers at Coloclue, but due to lack of time and a few technical hurdles along the way, I had to roll back [ref].

The Problem

Over the years, Coloclue AS8283 continues to suffer from packet loss in its network. Taking a look at a simple traceroute, in this case from IPng AS8298, shows very high variance and packetlo when entering the network (at hop 5 in a router called eunetworks-2.router.nl.coloclue.net):

                                       My traceroute  [v0.94]                
squanchy.ipng.ch (194.1.193.90) -> 185.52.227.1                           2023-02-24T09:03:36+0100
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                          Packets               Pings
  Continue reading

HP Enterprise buys Athonet for its 5G portfolio

Looking to make a long-term splash in private-enterprise 5G, HPE has grabbed up Italian private cellular technology maker Athonet  for an undisclosed amount.Founded in 2005, Athonet says its goal is to speed and simplify private 5G deployments. Among other packages, it offers CBRS and 5G starter kits that include Athonet mobile packet core, SIM cards, a choice of radio and other components needed to set up private cellular networks quickly. In 2022 the company formed the 5G Consortium to bring vendors together to develop a 5G ecosystem. The group includes Google Cloud, AWS, Airspan, Bearcom, and Digi.Athonet technology will expand HPE’s 5G portfolio, which includes private 5G equipment integrated with its Aruba Wi-Fi gear to provide the option of using the technology that best meets enterprise requirements. HPE also has integrated 5G core technology it offers to service providers.To read this article in full, please click here

OARC 40

Navigating the security challenges of multi-tenancy in a cloud environment

Multi-tenancy can maximize the number of resources that are utilized in a cluster by sharing these resources between different groups, teams, or customers. However, boundaries must be placed to avoid problems associated with resource-sharing. On top of that, in a multi-tenant cluster, the number of security policies might gradually grow to the point where a slight misconfiguration could cause major security problems, performance issues, and service disruptions.

In this blog post, we will focus on multi-tenancy issues such as bandwidth shortage, security policy scaling, privacy impacts, and suggest a few solutions that you can deploy to solve them in your environment. We will also look at how an eBPF-based security design can offer better performance and help you navigate the complex multi-tenant environment with ease.

What is multi-tenancy?

Technologies such as virtualization, containerization, or any other technologies that allow a range of different workloads to share the underlying hardware resources, all have a common goal—allocate resources as efficiently as possible and make the most of the available hardware. However, it is common for workloads that are running in such an environment to not fully utilize all the potential power that the hardware can offer, and in many cases, leave a Continue reading

Bringing It All Together – VMware Project Monterey – Packet Pushers Livestream w/ Dell Technologies – Video

VMware’s Project Monterey creates a virtual environment to run applications and services on Data Processing Units (DPUs). VMware is partnering with multiple server OEMs and DPU vendors to bring Project Monterey to distributed infrastructure. In this video, Drew Conry-Murray from the Packet Pushers is joined by VMware’s Paul Turner, Vice President Product Management vSphere. We […]

The post Bringing It All Together – VMware Project Monterey – Packet Pushers Livestream w/ Dell Technologies – Video appeared first on Packet Pushers.

One year of war in Ukraine: Internet trends, attacks, and resilience

The Internet has become a significant factor in geopolitical conflicts, such as the ongoing war in Ukraine. Tomorrow marks one year since the Russian invasion of that country. This post reports on Internet insights and discusses how Ukraine's Internet remained resilient in spite of dozens of disruptions in three different stages of the conflict.

Key takeaways:

• Internet traffic shifts in Ukraine are clearly visible from east to west as Ukrainians fled the war, with country-wide traffic dropping as much as 33% after February 24, 2022.
• Air strikes on energy infrastructure starting in October led to widespread Internet disruptions that continue in 2023.
• Application-layer cyber attacks in Ukraine rose 1,300% in early March 2022 compared to pre-war levels.
• Government administration, financial services, and the media saw the most attacks targeting Ukraine.
• Traffic from a number of networks in Kherson was re-routed through Russia between June and October, subjecting traffic to Russia’s restrictions and limitations, including content filtering. Even after traffic ceased to reroute through Russia, those Ukrainian networks saw major outages through at least the end of the year, while two networks remain offline.
• Through efforts on the ground to repair damaged fiber optics and restore electrical power, Ukraine’s networks have Continue reading

Azure Networking Fundamentals: Virtual WAN Part 2 – VNet Segmentation

VNets and VPN/ExpressRoute connections are associated with vHub’s Default Route Table, which allows both VNet-to-VNet and VNet-to-Remote Site IP connectivity. This chapter explains how we can isolate vnet-swe3 from vnet-swe1 and vnet-swe2 using VNet-specific vHub Route Tables (RT), still allowing VNet-to-VPN Site connection. As a first step, we create a Route Table rt-swe12 to which we associate VNets vnet-swe1 and vnet-swe2. Next, we deploy a Route Table rt-swe3 for vnet-swe3. Then we propagate routes from these RTs to Default RT but not from rt-swe12 to rt-swe3 and vice versa. Our VPN Gateway is associated with the Default RT, and the route to remote site subnet 10.11.11.0/24 is installed into the Default RT. To achieve bi-directional IP connectivity, we also propagate routes from the Default RT to rt-swe-12 and rt-swe3. As the last step, we verify both Control Plane operation and Data Plane connections. 

Figure 12-1: Virtual Network Segmentation.

IPv6 Buzz 120: Revisiting IPv6 Address Allocation – What’s The Right Size For Your Organization?

IPv6 Buzz 120: Revisiting IPv6 Address Allocation – What’s The Right Size For Your Organization?

Today's podcast episode revisits the subject of IPv6 address allocation along with how changes in network planning and Regional Internet Registry (RIR) policy are influencing allocation size requests. We also look at how network trends around IoT, cloud, and SD-WAN might affect allocation size and how to overcome "IPv4 thinking."

The post IPv6 Buzz 120: Revisiting IPv6 Address Allocation – What’s The Right Size For Your Organization? appeared first on Packet Pushers.

How to use the echo command

In this Linux tip, we’re going to look at the echo command and several ways you can use it. First, on the command line, you can enter the echo command followed by a string to display some text. You can even include variables and commands.

Veeam Version 12 Brings More Innovation to Backup and Recovery

How Many Spines Should a Leaf-and-Spine Fabric Have?

One of my readers sent me a question along these lines:

How do we determine the number of spines needed in a leaf-and-spine fabric? It’s easy to calculate the number of leaf nodes from the required number of server ports, and two spines give you the redundancy. Does it make sense to have more spines if two are good enough from the capacity perspective?

There are at least two factors to consider:

How Many Spines Should a Leaf-and-Spine Fabric Have?

One of my readers sent me a question along these lines:

How do we determine the number of spines needed in a leaf-and-spine fabric? It’s easy to calculate the number of leaf nodes from the required number of server ports, and two spines give you the redundancy. Does it make sense to have more spines if two are good enough from the capacity perspective?

There are at least two factors to consider: