Running VLAN, VXLAN and GRE together using Neutron & Openstack

There are numerous blogs out there with step by step instructions to setup OVS networking for openstack neutron to run various types of networks. I came up with this post to best explain how everything works in the Neutron land and what a typical openstack deployment looks like. If you are looking for a more step-by-step procedure to set things up this post is a good place to start i.e. understanding the networking concepts and design behind running all the commands listed on other blogs.

A Neutron openstack deployment or any cloud environment these days typically consist of a Network Controller (SDN controller) and a cluster of compute hosts or servers. The type of networking you choose to connect all of these together is entirely upto you and I've seen various ways by which this can be done. There is no correct or right way of doing this. It's what works for you but if you don't really have anything already setup and are planning on starting afresh you could probably use this as a template to design your networking.


What you see above are three servers - one network node and two compute nodes.
First we'll go through Continue reading

Malware peddlers offered Raspberry Pi money to infect your micro-PC

The Raspberry Pi—the popular mini-PC that's about the size of credit card—is attracting attention from malware distributors. But not in the sense that you might think.Last Wednesday, the Raspberry Pi Foundation tweeted a screenshot of an email in which a company effectively asked to install malware onto users Raspberry Pis.+ ALSO ON NETWORK WORLD Ultimate guide to Raspberry Pi operating systems, part 2 +In the email, the company, whose name was redacted, offered the Foundation money in order to distribute an exe file on Raspberry Pi machines (never mind the fact that the Raspberry Pi doesn't run Windows). Installing the exe would place a shortcut icon on the desktop; if you open it, you'd be taken to the company's website. "Then this is our target," the email reads in part.To read this article in full or to leave a comment, please click here

The most innovative and damaging hacks of 2015

Not a week went by in 2015 without a major data breach, significant attack campaign, or serious vulnerability report. Many of the incidents were the result of disabled security controls, implementation errors, or other basic security mistakes, highlighting how far organizations have to go in nailing down IT security basics.But looking beyond the garden-variety attacks and vulnerabilities lends great insight into the future of malicious activity and how to defend against it. And 2015 had its share of intriguing invasions, each of which highlighted the modified techniques that lead to new forms of breaches or pinpoint areas in need of new defenses. The past year saw cyber criminals adopting innovative approaches and state-sponsored actors becoming bolder. Motivations shifted, with financial gain no longer the sole reason for launching an attack. Inflicting physical damage, stealing trade secrets, hacking as a form of protest -- 2015 was a year in which malicious activity served many ends.To read this article in full or to leave a comment, please click here

Network Break 68: Juniper Firewall Burned, 2015 In Review

Network Break 68 looks at Juniper's ScreenOS vulnerabilities, analyzes NetApp's acquisition of SolidFire, and cheers Apple for opposing U.K. surveillance. Lastly, we review of some of our favorite stories from 2015, and a list of things we probably won't care about next year. Probably.

The post Network Break 68: Juniper Firewall Burned, 2015 In Review appeared first on Packet Pushers.

Network Break 68: Juniper Firewall Burned, 2015 In Review

Network Break 68 looks at Juniper's ScreenOS vulnerabilities, analyzes NetApp's acquisition of SolidFire, and cheers Apple for opposing U.K. surveillance. Lastly, we review of some of our favorite stories from 2015, and a list of things we probably won't care about next year. Probably.

The post Network Break 68: Juniper Firewall Burned, 2015 In Review appeared first on Packet Pushers.

Using AWS Lambda functions to create print ready files

In a nutshell, Peecho is all about turning your digital content into professionally printed products. Although it might look like a simple task, a lot of stuff happens behind the scenes to make that possible. In this article, we’re going to tell you about our  processing architecture as well as at a recent performance improvement with the integration of AWS Lambda functions.

Print-ready files

In order to make digital content ready for printing facilities, there are some procedures that must occur after the order is received and before the final printing. In printing industry this process is called pre-press and the Peecho platform fully automates its initial stages before routing orders to printers.

Once the file has been created by the customer and uploaded to Peecho, it undergoes our processing stage. During processing, the file is checked to make sure it contains all the elements necessary for a successful print run: do the images have the proper format and resolution, are all the fonts included, are the RGB/CMYK colors set up appropriately, are all layout elements such as margins, crop marks and bleeds set up correctly, etc.

All these checks are automated by our backend systems. The entire process is Continue reading

Top Posts of 2015

2015-top-posts-blog-top.png


As an eventful 2015 draws to a close we wanted to take a look back at the top posts of 2015.

Red Hat Acquires Ansible, The Open Source It Automation Company.

The title should come as no surprise, as many have predicted such an acquisition in the past. The similar open source ideologies, the technology fit, the executive team's open source background and the rapid adoption of Ansible in the enterprise certainly draw parallels to the world's leader in open source technology.

What was once a prediction is now reality, in just a little more than two years since Ansible, Inc., opened its doors, and we are thrilled! READ MORE

Managing VMware vSphere Guests With Ansible Tower

There are lots of ways to enable self-service VMs within an organisation - what some might call 'a private cloud'. However, these usually require layers and layers of complex software. What if you could leverage your existing hypervisor and 15 lines of code to do the same? And what if those 15 lines became an even simpler single click?

Ansible Core contains a module for managing virtual machines in VMware vSphere environments called vsphere_guest. Using this one module we can Continue reading

Top Posts of 2015

blogheader.pngAs an eventful 2015 draws to a close we wanted to take a look back at the top posts of 2015.

Red Hat Acquires Ansible, The Open Source It Automation Company.

The title should come as no surprise, as many have predicted such an acquisition in the past. The similar open source ideologies, the technology fit, the executive team's open source background and the rapid adoption of Ansible in the enterprise certainly draw parallels to the world's leader in open source technology.

What was once a prediction is now reality, in just a little more than two years since Ansible, Inc., opened its doors, and we are thrilled! READ MORE

Managing VMware vSphere Guests With Ansible Tower

There are lots of ways to enable self-service VMs within an organisation - what some might call 'a private cloud'. However, these usually require layers and layers of complex software. What if you could leverage your existing hypervisor and 15 lines of code to do the same? And what if those 15 lines became an even simpler single click?

Ansible Core contains a module for managing virtual machines in VMware vSphere environments called vsphere_guest. Using this one module we can talk Continue reading

The next wave of cybercrime will come through your smart TV

Smart TVs are opening a new window of attack for cybercriminals, as the security defenses of the devices often lag far behind those of smartphones and desktop computers. Running mobile operating systems such as Android, smart TVs present a soft target due to how to manufacturers are emphasizing convenience for users over security, a trade-off that could have severe consequences. Smart TVs aren't just consumer items, either, as the devices are often used in  corporate board rooms. Sales of smart TVs are expected to grow more than 20 percent per year through 2019, according to Research and Markets. While attacks against smart TVs are not widespread yet, security experts say it is only a matter of time before cybercriminals take note of the weaknesses.To read this article in full or to leave a comment, please click here

Dual Core Network Design

Dual core design, also known as dual plane or disjoint plane topologies, refers to a highly redundant network chosen by companies whose main objective is to improve the resiliency of their network. Created using different data planes, dual core design is implemented by companies that receive the service from the different service providers. Put simply, […]

The post Dual Core Network Design appeared first on Network Design and Architecture.

New products of the week 12.28.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.GigaVUE-FM applianceKey features: The GigaVUE-FM appliance simplifies the management and orchestration of visibility infrastructure and enables enterprises to increase the scale and reach of Gigamon’s Visibility Fabric with additional, dedicated compute capacity. More info.To read this article in full or to leave a comment, please click here

New Chinese law takes aim at encryption

A new law passed by China's Parliament on Sunday requires technology companies to assist the government in decrypting content, a provision that the country maintains is modeled after Western law. ISPs and telecommunication companies must provide technical assistance to the government, including decrypting communications, for terrorism-related investigations, according to Xinhua, China's official news agency. Xinhua quoted Li Shouwei, of the National People's Congress Standing Committee legislative affairs commission, as saying the law doesn't require technology companies to install "backdoors," the term for code that would give security agencies consistent, secret access to data, in software.To read this article in full or to leave a comment, please click here

The Network Automation Book

From OpenFlow to Software Defined Networking (SDN), there has been a lot of hype, 100s of millions of dollars in venture funding, and billions in exits within the network industry over the past 5+ years. The one thing we know for certain about the industry in all of this is that change is here, and more is coming, which is exactly the reason for this post!

Ironically, I also started this blog 5+ years ago. In the beginning, this blog was a lot of speculation around OpenFlow and the future of Software Defined Networking (SDN). Nowadays, it’s rare to hear me mention SDN at all, and the focus is much more practical on tools and technology that can help solve real problems. For those that have been reading for a while, you probably saw this shift in addition to the career shift I made 18+ months ago. These shifts go hand in hand with a new project I’ve been working on.

It’s with great pleasure that I’m finally able to announce a project that started several months ago that falls in-line with exactly the same topics you read about frequently on this blog.

What is the Project?

It’s a book! Continue reading