UDP: An Existentialist View
Do you sometimes feel as insignificant as a packet? Maybe technology does have its roots in philosophy.
Simply A Better Network for Converged Infrastructure and Your Storage
Plexxi had a really big year in 2015; growing year-over-year revenue by 10X and dramatically increasing our list of customers, signing an exclusive distribution relationship with Arrow Electronics and expanding our value added reseller network by 6X. We achieved all this through a relentless focus on providing transformational data center networking products and tools. Our solutions are purpose-built to support the people responsible for designing, architecting and supporting public and private clouds deployments. As I discussed in my last blog, we call these people Cloud Builders.
Cloud Builders are tasked with finding new ways to meet today’s dynamic business requirements. Traditionally, public cloud has been associated with speed, agility, elasticity and cost savings, whereas private cloud has been associated with control around application performance, latency and security. To support modern day business requirements Cloud Builders need to leverage both public and private cloud; it’s no longer an either/or scenario. Public and private clouds need to offer control over application performance, latency and security AND offer speed, agility, elasticity and cost savings.
We continue, as a company, to learn and adapt to market conditions by listening intently to customers, prospects and partners. Lately our conversations with Cloud Builders have revolved Continue reading
Can You Keep a Secret?
I've been developing an IPAM/DCIM tool for work over the past several months (more on that soon), and recently my focus has been on expanding it to store confidential data associated with network devices. Backup login credentials, TACACS+/RADIUS secrets, SNMP communities, and so on: Short strings that need to be stored securely.
Hashing
Storing a password or other small piece of sensitive data is different from merely authenticating against it. Most password storage mechanisms never actually store a user's actual password, but rather an irreversible hash of it. (That is if you're doing it correctly, at least.)
For example, the Django Python framework (which powers packetlife.net) by default employs salted SHA256 hashes to authenticate user passwords. When a password is saved, a random salt is generated and concatenated with the plaintext password. (A salt is used to prevent two identical passwords from producing the same hash.) The SHA256 algorithm is then run against the whole thing to produce a fixed-length hash. Here's an example in Python using Django's built-in make_password() function:
>>> from django.contrib.auth.hashers import make_password
>>> make_password("MyP@ssw0rd!")
u'pbkdf2_sha256$12000$x5E0yB2dh13m$ablUOER8qn4CxjmHZlJrUUA1Cb9MeLXvfggTnG56QpM='
Can You Keep a Secret?
I've been developing an IPAM/DCIM tool for work over the past several months (more on that soon), and recently my focus has been on expanding it to store confidential data associated with network devices. Backup login credentials, TACACS+/RADIUS secrets, SNMP communities, and so on: Short strings that need to be stored securely.
Hashing
Storing a password or other small piece of sensitive data is different from merely authenticating against it. Most password storage mechanisms never actually store a user's actual password, but rather an irreversible hash of it. (That is if you're doing it correctly, at least.)
For example, the Django Python framework (which powers packetlife.net) by default employs salted SHA256 hashes to authenticate user passwords. When a password is saved, a random salt is generated and concatenated with the plaintext password. (A salt is used to prevent two identical passwords from producing the same hash.) The SHA256 algorithm is then run against the whole thing to produce a fixed-length hash. Here's an example in Python using Django's built-in make_password() function:
>>> from django.contrib.auth.hashers import make_password
>>> make_password("MyP@ssw0rd!")
u'pbkdf2_sha256$12000$x5E0yB2dh13m$ablUOER8qn4CxjmHZlJrUUA1Cb9MeLXvfggTnG56QpM='
Can You Keep a Secret?
I've been developing an IPAM/DCIM tool for work over the past several months (more on that soon), and recently my focus has been on expanding it to store confidential data associated with network devices. Backup login credentials, TACACS+/RADIUS secrets, SNMP communities, and so on: Short strings that need to be stored securely.
Hashing
Storing a password or other small piece of sensitive data is different from merely authenticating against it. Most password storage mechanisms never actually store a user's actual password, but rather an irreversible hash of it. (That is if you're doing it correctly, at least.)
For example, the Django Python framework (which powers packetlife.net) by default employs salted SHA256 hashes to authenticate user passwords. When a password is saved, a random salt is generated and concatenated with the plaintext password. (A salt is used to prevent two identical passwords from producing the same hash.) The SHA256 algorithm is then run against the whole thing to produce a fixed-length hash. Here's an example in Python using Django's built-in make_password() function:
>>> from django.contrib.auth.hashers import make_password
>>> make_password("MyP@ssw0rd!")
u'pbkdf2_sha256$12000$x5E0yB2dh13m$ablUOER8qn4CxjmHZlJrUUA1Cb9MeLXvfggTnG56QpM='
Continue reading · No comments
Understanding the BGP Table Version – Part 3: Troubleshooting
More on BGP Table Version – the most unknown and unexplained, BGP concept/value that I rarely ever troubleshoot without This is part 3 and final post in the 3 part series of “Understanding the BGP Table Version”. If you haven’t... Read More ›
The post Understanding the BGP Table Version – Part 3: Troubleshooting appeared first on Networking with FISH.
Hashicorp Atlas workflow with Vagrant, Packer and Terraform
I have used and loved Vagrant for a long time and I recently used Consul and I was very impressed by both these Devops tools. Recently, I saw some of the videos of Hashiconf and I learnt that Hashicorp has an ecosystem of tools addressing Devops needs and that these tools can be chained together to create complete … Continue reading Hashicorp Atlas workflow with Vagrant, Packer and Terraform
CCDE – WAN Speeds and Basic Voice Calculation
I’m preparing for the CCDE practical and I was doing a practice scenario by Jeremy Filliben and I realized that I’m not comfortable with all of the WAN speeds so I might as well write a blog post on it. I was familiar with some of them like T1, E1, DS3, OC-192 etc but there are still some I could not remember. This post will describe some of the most commonly used WAN rates.
Some of the CCDE scenarios are based on that we are upgrading a network or migrating from an old network. In real life it’s likely that most service providers will already have moved to Ethernet but it makes a more interesting scenario to build a network mimicing the FRR capabilities of SDH for example.
Digital Signal 0 (DS0) is a rate that was introduced to carry a digitized single call at 64 kbits/s. A DS1 can transport 24 DS0 and runs at 1544 kbit/s. Note that 24 * 64 is 1536 but the extra 8 kbit/s is used for frame synchronization. A DS3 runs at 44736 kbit/s and can transport 28 DS1 or 672 DS0. A T3 also runs at the same rate as a DS3. Continue reading
Who Said What in an SDN Quiz?
John Herbert published an awesome blog post based on the recent Networking Field Day SDN discussion. Try to figure out who said what ;)… it's not that hard.SDxCentral Weekly News Roundup — February 5, 2016
Telefonica and Huawei try SDN+Optical; OPNFV holds a summer conference in Germany.
Twitter has to change
Today, Twitter announced that instead of the normal timeline of newest messages on top, they will prioritize messages they think you'll be interested in. This angers a lot of people, but my guess it's it's something Twitter has to do.Let me give you an example. Edward @Snowden has 1.4 million followers on Twitter. Yesterday, he retweeted a link to one of my blogposts. You'd think this would've caused a flood of traffic to my blog, but it hasn't. That post still has fewer than 5000 pageviews, and is only the third most popular post on my blog this week. More people come from Reddit and news.ycombinator.com than from Twitter.
I suspect the reason is that the older twitter gets, the more people people follow. (...the more persons each individual Twitter customer will follow). I'm in that boat. If you tweeted something more than 10 minutes since the last time I checked Twitter, I will not have seen it. I read fewer than 5% of what's possible in my timeline. That's something Twitter can actually measure, so they already know it's a problem.
Note that the Internet is littered with websites that were once dominant in Continue reading
Rackspace Needs More Than OpenStack Neutron
PLUMgrid fills the void.
PlexxiPulse—Barriers to Adoption
At the recent BOSNOG meetup where our co-founder and CTO Dave Husak hosted a discussion on the state of the network, a member of the audience asked what Plexxi’s barriers to adoption were. This struck a chord with Bill Koss, our VP of Strategic Accounts who was in attendance at the event. He outlined what he believes Plexxi’s barriers to adoption are and how Plexxi is provisioning networks for the modern era in a blog post. Give it a read and let us know what you think.
Below please find a few of our top picks for our favorite news articles of the week.
SearchSDN: SDN network security: Building a safer architecture
By Lee Doyle
IT buyers can select from a wide range of SDN tools to improve network security. VMware offers NSX to virtualize the network and provide micro-segmentation of data center assets. Cisco leverages the SDN capabilities of its Application Centric Infrastructure, in combination with its network security products, to enhance data center security. Rapid changes in IT technologies have altered the landscape of network security. With the advent of pervasive mobility, BYOD and the Internet of Things (IoT), organizations can no longer rely on a hardened network Continue reading