Label Switched Multicast — An Introduction

There are two common methods for transporting multicast packets within an MPLS-based Layer 3 VPN:

  1. Generic Routing Encapsulation (GRE) with Protocol Independent Multicast (PIM) (also known as “draft-rosen”)
  2. Label Switched Multicast (LSM)

There's also a third method which uses Resource Reservation Protocol-Traffic Engineering (RSVP-TE) but I'm not going to get into that one.

In this first post in a series on LSM, I'll describe how draft-rosen works, how LSM works, and then compare and contrast the two. Subsequent posts will focus solely on LSM.

At the end of this post, you will be able to describe conceptually how the control and data planes work with LSM and what the pros and cons are of LSM as compared to draft-rosen.

I will not be covering any theory on multicast or MPLS and will instead recommend that you be familiar with both topics before reading further.

Here we go!

Most Americans support the FBI over Apple, Pew study finds

Most Americans think that Apple should help the FBI unlock a smartphone used by one of the terrorists in the San Bernardino mass shooting, according to a study released Monday by the Pew Research Center. Fifty-one percent of those asked said they think Apple should unlock the iPhone to help the FBI with its investigation, while 38 percent said it should not unlock the phone to protect the security of its other users. Eleven percent of respondents had no opinion either way. Pew Pew found that a majority of Americans think Apple should help the FBI unlock the iPhoneTo read this article in full or to leave a comment, please click here

Are we in artificial intelligence winter?

Can the development of artificial intelligence technology be kicked up a notch? Scientists at Intelligence Advanced Research Projects Activity (IARPA) certainly hope so and recently issued a Request For Information about how AI advances could be made more quickly and consistently.“Artificial intelligence, defined here as computer simulation of cognitive processes such as perception, recognition, reasoning, and control, have captured the public’s imagination for over 60 years. However, artificial intelligence research has proceeded in fits and starts over much of that time, as the field repeats a boom/bust cycle characterized by promising bursts of progress followed by inflated expectations and finally disillusionment, leading to what has become known as an “AI winter” – a long period of diminished research and funding activity,” IARPA wrote.   IARPA is the high-risk, high-reward research arm of the Office of the Director of National Intelligence.To read this article in full or to leave a comment, please click here

Making an Innovator, a Network Original

Some of you may recognize the name Brocade. Yes, you may know Brocade as the leading supplier of data center networking products, and have heard of their IP connectivity and enterprise mobility solutions. But we’d like you to consider another side of Brocade — a side deep-rooted in the enabling technologies currently shaping and redefining... Read more →

Career Ladder, Salaries, and Retaining Top Talent

Reflecting on the recent PacketPushers podcasts on certifications and consulting life, I’m trying to document ideal conditions to train and retain top talent. (e.g. In the context of building a new consulting firm.) Please leave a comment to let me know what I’ve left out or gotten wrong. Establish a career ladder that clearly establishes […]

The post Career Ladder, Salaries, and Retaining Top Talent appeared first on Packet Pushers.

Career Ladder, Salaries, and Retaining Top Talent

Reflecting on the recent PacketPushers podcasts on certifications and consulting life, I’m trying to document ideal conditions to train and retain top talent. (e.g. In the context of building a new consulting firm.) Please leave a comment to let me know what I’ve left out or gotten wrong. Establish a career ladder that clearly establishes […]

The post Career Ladder, Salaries, and Retaining Top Talent appeared first on Packet Pushers.

IDG Contributor Network: Create a data recovery plan and secure your network

We discussed building malware defenses the last time out, but today we’re going to focus on Critical Security Controls 10, 11, and 12 covering data recovery, secure network configuration, and boundary defense.It’s unrealistic to think that you can completely avoid cyberattacks and data breaches, so it’s vital to have a proper data recovery plan in place. You can also tighten your defenses significantly by ensuring all of your network devices are properly configured, and by putting some thought into all of your potential network borders.To read this article in full or to leave a comment, please click here

Band-Aids over Basics: Anti-Drone Bill Revisions Compound Earlier Missteps

Glossing over fundamental legislation flaws in favor of quick fixes only serves lawyers and lobbyists.  In this guest post, friend of Errata Elizabeth Wharton (@lawyerliz) highlights the importance of fixing the underlying technology concepts as Georgia’s anti-drone legislation continues to miss the mark and kill innovation. 




by Elizabeth Wharton

Georgia's proposed anti-drone legislation, HB 779, remains on a collision course to crush key economic drivers and technology innovations within the state.  Draft revisions ignore all of the legislation's flawed technical building blocks in favor of a series of peripheral provision modifications (in some cases removing entire safe harbor carve-outs), making a bad piece of legislation worse for Georgia's film, research, and aviation technology industries. Only the lawyers and lobbyists hired to challenge and defend the resulting lawsuits benefit from this legislative approach.  Georgia should scrap this piece-meal, awkward legislation in favor of a commission of industry experts to craft a policy foundation for unmanned aircraft systems within Georgia.

Band-aid technology policy approaches skip over the technical issues and instead focus on superficial revisions.  Whether a company is prohibited from flying over a railroad track in addition to a road becomes a moot point when the definition of Continue reading

Startup touts four-factor authentication for VIP-level access

Startup Trusona is launching what it claims to be a 100% accurate authentication scheme aimed at corporate executives, premiere banking customers and IT admins who have unfettered authorization to access the most valued corporate assets.The system uses four-factor authentication to assure that the person logging in is the person they say they are. It requires a dongle that is tied to a set of specific devices (phones, tablets, laptops), certain cards with magnetic stripes that the user already owns, and a biometric ID based on how the card is swiped through the card reader on the dongle.The TruToken dongle is the miniaturization of anti-ATM-card cloning technology made by MagTek that reads not the digital data recorded on cards’ magnetic strips but rather the arrangement of the pattern of the barium ferrite particles that make the strips magnetic. The particles are so numerous and so randomly placed that no two strips have identical patterns, says Ori Eisen, Trusona’s CEO. That also makes the strips unclonable, he says.To read this article in full or to leave a comment, please click here

The Future is Bright! The Future is PoE?

Morpheus Tells You Where It's At

There’s no avoiding the fact that the much-hyped Internet of Things (IoT) is coming. Devices are popping up all over the place offering some form of wireless connectivity so that they can control (or be controlled) remotely, and if you want to run a Smart Building, having control over all the elements of the environment could be a huge benefit. To that end, Cisco is playing with the idea that maybe we can offer power (via PoE), networking (Ethernet) and maybe even save a little money, by using Cat6 Ethernet cabling to connect those devices.

Current State of IoT

Not everything needs to be hard-wired, for sure. Some devices can be battery powered and may need to be placed in places where any wiring would be undesirable or impossible. Other devices though, may require more than battery power to operate, and that means running power to their location. If the device needs to send or receive a reasonable amount of data, it may also need to run 802.11 wireless, or have a wired connection; the common 802.15.4 Low-Rate Wireless Personal Area Network (LR-WPAN) solution utilized by many connected devices may not provide enough bandwidth to be usable, and in Continue reading

MWC: Wi-Fi hack test shows ‘reckless’ behavior; MasterCard to expand ‘Selfie Pay’

Here are a couple of news tidbit from Mobile World Congress that caught my eye.Wi-Fi hack experiment highlighted “reckless” actions by MWC attendeesIt’s likely that many people flooding into the Barcelona Airport over the weekend were headed for Mobile World Congress – a destination which should be filled with people who are smart and knowledgeable regarding mobile devices, but Avast Software called some attendees’ behavior “reckless.”To read this article in full or to leave a comment, please click here

Securing BGP: A Case Study (4)

In part 1 of this series, I looked at the general problem of securing BGP, and ended by asking three questions. In part 2 and part 3, I considered the third question: what can we actually prove in a packet switched network. For this section, I want to return to the first question:

Should we focus on a centralized solution to this problem, or a distributed one?

There are, as you might expect, actually two different problems within this problem:

  • Assuming we’re using some sort of encryption to secure the information used in path validation, where do the keys come from? Should each AS build its own private/public key pairs, have anyone they want to validate the keys, and then advertise them? Or should there be some central authority that countersigns keys, such as the Regional Internet Registries (RIRs) so everyone has a single trust root?
  • Should the information used to validate paths be distributed or stored in a somewhat centralized database? At the extreme ends of this answer are two possibilities: every eBGP speaker individually maintains a database of path validation information, just like they maintain reachability information; or there are a few servers (like the root DNS servers) Continue reading

Anticipating the RSA Security Conference

Just a week to go before the biggest cybersecurity event of the year, the RSA Security Conference in San Francisco.  Building upon industry momentum and the dangerous threat landscape, I expect a record-breaking crowd from the Moscone Center to Union Square.What will be the focus on this year’s event?  Well it should be the global cybersecurity skills shortage which continues to get worse each year.  According to ESG research, 46% of organizations claim that they have a “problematic shortage” of cybersecurity skills, up for 28% last year (note: I am an ESG employee).  In my humble opinion, the cybersecurity skills shortage has become a national security issue demanding a more comprehensive strategy.  Here’s an article I recently wrote with more details on this topic. To read this article in full or to leave a comment, please click here

Beyond Centrino: Intel drives device changes for a 5G world

Intel sparked a wireless revolution over the last decade with its Centrino processor platform, designed to connect laptops over Wi-Fi, and now believes the 5G mobile standard will fuel the next big change in the way a new generation of devices communicate. The move to 5G networks will provide faster wireless connectivity through a host of technologies and change the way computing devices are built, said Aicha Evans, corporate vice president for Intel's Platform Engineering Group and general manager for the Communication and Devices Group. Wi-Fi is ubiquitous today, but upcoming changes may involve making cellular connectivity a common feature on laptops. This is why Intel is putting a lot of energy into modem development for laptops and mobile devices. To read this article in full or to leave a comment, please click here

1 3,140 3,141 3,142 3,143 3,144 3,854