0

Cloudflare’s commitment to the 2023 Summit for Democracy

On Tuesday, March 28, 2023, the US Government will launch the Summit for Democracy 2023, following up on the inaugural Summit for Democracy 2021. The Summit is co-hosted by the United States, Costa Rica, Zambia, the Netherlands, and South Korea. Cloudflare is proud to participate in and contribute commitments to the Summit because we believe that everyone should have access to an Internet that is faster, more reliable, more private, and more secure.  We work to ensure that the responsibility to respect human rights is embedded throughout our business functions. Cloudflare’s mission — to help build a better Internet — reflects a long-standing belief that we can help make the Internet better for everyone.

Our mission and core values dovetail with the Summit’s goals of strengthening democratic governance, respect for human rights and human rights defenders, and working in partnership to strengthen respect for these values. As we have written about before, access to the Internet allows activists and human rights defenders to expose abuses across the globe, allows collective causes to grow into global movements, and provides the foundation for large-scale organizing for political and social change in ways that have never been possible before.

What is Continue reading

0

Wireshark Celebrates 25th Anniversary with a New Foundation

No doubt, countless engineers and hackers remember the first time they used newly-developed microscope to view cells for the first time ever: What was once just an inscrutable package had opened up to reveal a treasure trove of useful information. This year, the venerable Wireshark has turned 25, and its creators are taking a step back from this massively successful open source project, to let additional parties to help govern. This month, Sysdig, the current sponsor of Wireshark, launched a new foundation that will serve as the long-term custodian of the project. The

0

Pushing the boundaries of web-scale optical DCI performance

SPONSORED: For nearly 150 years, we’ve been doing our best to squeeze messages into light. …

Pushing the boundaries of web-scale optical DCI performance was written by Martin Courtney at The Next Platform.

0

What Happened to Leaf Switches with Four Uplinks?

The last time I spent days poring over vendor datasheets collecting information for the overview part of Data Center Fabrics webinar a lot of 1RU data center leaf switches came in two form factors:

• 48 low-speed server-facing ports and 4 high-speed uplinks
• 32 high-speed ports that you could break out into four times as many low-speed ports (but not all of them)

I expected the ratios to stay the same when the industry moved from 10/40 GE to 25/100 GE switches. I was wrong – most 1RU leaf data center switches based on recent Broadcom silicon (Trident-3 or Trident-4) have between eight and twelve uplinks.

0

What Happened to Leaf Switches with Four Uplinks?

The last time I spent days poring over vendor datasheets collecting information for the overview part of Data Center Fabrics webinar a lot of 1RU data center leaf switches came in two form factors:

• 48 low-speed server-facing ports and 4 high-speed uplinks
• 32 high-speed ports that you could break out into four times as many low-speed ports (but not all of them)

I expected the ratios to stay the same when the industry moved from 10/40 GE to 25/100 GE switches. I was wrong – most 1RU leaf data center switches based on recent Broadcom silicon (Trident-3 or Trident-4) have between eight and twelve uplinks.

0

Tech Bytes: Choosing Single-Vendor SASE For Networking And Security (Sponsored)

Today on the Tech Bytes podcast, sponsored by Palo Alto Networks, we get into Secure Access Services Edge (SASE), which combines SD-WAN with cloud-delivered security services. You can integrate parts from different vendors, but Palo Alto Networks is here to make a case for why you might want to consider a single-vendor approach.

0

Tech Bytes: Choosing Single-Vendor SASE For Networking And Security (Sponsored)

Today on the Tech Bytes podcast, sponsored by Palo Alto Networks, we get into Secure Access Services Edge (SASE), which combines SD-WAN with cloud-delivered security services. You can integrate parts from different vendors, but Palo Alto Networks is here to make a case for why you might want to consider a single-vendor approach.

The post Tech Bytes: Choosing Single-Vendor SASE For Networking And Security (Sponsored) appeared first on Packet Pushers.

0

The Dream Of Placing Blocks On Chip Designs With AI

Similar to interior designers trying to fit the chairs, tables, and other furniture in rooms inside of a home, chip designers have to figure out where the various bits and pieces of a processor will lie on confined floor plans where latency between parts matters. …

The Dream Of Placing Blocks On Chip Designs With AI was written by Jeffrey Burt at The Next Platform.

0

Ansible Validated Content: Introduction to infra.osbuild Collection

Introduction to the Image builder use case

During the last year we met with multiple edge customers, covering the automation needs for IT Linux infrastructure at scale across remote locations where there is often no IT staff on site. Think about retail stores, dark stores and warehouses where self-checkout, handhelds and POS devices hosting RHEL are distributed everywhere. 

For industrial setups and manufacture, this could be the scenario for small factor servers and storage hosting logging monitoring to gather information about operational activities, which are located in secure facilities. 

One of the recurrent needs for our customers with distributed devices is the ability to upgrade Linux devices faster, at scale, mostly due to regulations or security risks. Ideally, you should be able to patch at scale as soon as a vulnerability is identified. 

The main challenge with the traditional RPM patching model is that it is incremental, and frequently some Linux devices might have slight differences. That is why there are new edge-focused capabilities and models that start with the premise that you could and should test a whole base image, and once it passes your validations, it should be deployed into all the target devices that Continue reading

0

Network Break 423: Arista Woos Large Enterprises With New SD-WAN Router; Google Breaks Glass Enterprise

This week's Network Break covers Arista's new WAN routers that get the company into the SD-WAN market, debates whether Aryaka targeting SMEs is a sign of problems or opportunity, and discusses an update on the size of the SASE market. We also look at an HPE acquisition, the use of exploding USBs to target journalists, space networking, and more.

0

Network Break 423: Arista Woos Large Enterprises With New SD-WAN Router; Google Breaks Glass Enterprise

This week's Network Break covers Arista's new WAN routers that get the company into the SD-WAN market, debates whether Aryaka targeting SMEs is a sign of problems or opportunity, and discusses an update on the size of the SASE market. We also look at an HPE acquisition, the use of exploding USBs to target journalists, space networking, and more.

The post Network Break 423: Arista Woos Large Enterprises With New SD-WAN Router; Google Breaks Glass Enterprise appeared first on Packet Pushers.

0

VyOS dropped packet notifications

VyOS with Host sFlow agent describes how to configure and analyze industry standard sFlow telemetry recently added to the VyOS open source router platform. This article discusses sFlow dropped packet notifications support added to the latest release.

Dropped packets have a profound impact on network performance and availability. Packet discards due to congestion can significantly impact application performance. Dropped packets due to black hole routes, expired TTLs, MTU mismatches, etc. can result in insidious connection failures that are time consuming and difficult to diagnose. Visibility into dropped packets offers significant benefits for network troubleshooting, providing real-time network-wide visibility into the specific packets that were dropped as well the reason the packet was dropped. This visibility instantly reveals the root cause of drops and the impacted connections.

vyos@vyos:~$ show version
Version:          VyOS 1.4-rolling-202303260914
Release train:    current

Built by:         [email protected]
Built on:         Sun 26 Mar 2023 09:14 UTC
Build UUID:       72b34f74-bfcd-4b51-9b95-544319c2dac5
Build commit ID:  d68bda6a295ba9

Architecture:     x86_64
Boot via:         installed image
System type:       guest

Hardware vendor:  innotek GmbH
Hardware model:   VirtualBox
Hardware S/N:     0
Hardware UUID:    df0a2b79-b8c4-8342-a27f-76aa3e52ad6d

Copyright:        VyOS maintainers and contributors

Verify that the version of of VyOS is VyOS 1.4-rolling-202303260914 or later.

On VyOS dropped packet monitoring Continue reading

0

Introducing our first Authorized Service Delivery Partners for Cloudflare One

Cloudflare's commitment to building the most compelling and easy-to-use SASE platform on the market has led to significant growth over the past year. Cloudflare One services have seen the fastest adoption among our customers, with a 3x increase in partner bookings and a 70% YoY increase in transacting partners. Partners consistently cite the simplicity of our platform, our innovation, and our global network as key differentiators that are driving strong customer demand.

To continue building on this momentum and deliver required services that our customers may require, we previously announced the creation of our new specialization track for Authorized Services Delivery Partners (ASDP) as part of our efforts to continue growing our partnership program.

Cloudflare's Authorized Services Delivery Partner track is designed to authorize partners that meet our high standards for professional services delivery around Cloudflare One. Partners who undergo the rigorous technical validation process and meet the criteria for security, performance, and reliability of their services delivery capabilities are designated as Cloudflare Authorized Service Delivery Partners. This designation provides a variety of benefits, including access to Cloudflare One sourced opportunities requiring services, access to named Cloudflare One Service Delivery Managers, and access to special partner incentive funds designed to Continue reading

0

Home Automation — Finally Roller Curtains and Nightmares

< MEDIUM: https://raaki-88.medium.com/home-automation-finally-roller-curtains-and-nightmares-b8ef1fc473d9 >

Am a fan and enthusiast of home automation, tried various things in the past and now settled with few things which I would like to share.

1. Light Automation is the first and most popular thing to do — Initially I started wiring with PIR sensor available in Amazon, later upgraded the entire light system to Philips Hue and along with Philips Motion sensor, so far so good. Its expensive than my initial solution but had to choose that because of wired vs wireless situation in home
2. Smart-plugs are another common set of devices — while I have both combinations of commercially available one and also I personally flashed few of Sonoff smart switches with Tasmota firmware

. . .

Lets get to the Curtain Rollers — So for these here is the catch, I have a remote for these and thats about it, nothing more nothing less, My ideas were mostly around having network connectivity and manipulating them.

• First and foremost thought that these are blue-tooth based and am wrong

• I went to DFROBOT and bought IR-Transmitter and IR-Receiver, nope they dint work

• I went Amazon and bought some other IR-transmitter and Receiver — Again, wasted a Continue reading

0

Enabling Nested-Virtualisation on Google cloud platform Instance

< MEDIUM: https://raaki-88.medium.com/enabling-nested-virtualisation-on-google-cloud-platform-instance-7f80f3120834 >

Important Excerpt from the below page.

https://cloud.google.com/compute/docs/instances/nested-virtualization/overview

You must run Linux-based OSes that can run QEMU; you can’t use Windows Server images.

You can’t use E2, N2D, or N1 with attached GPUs, and A2 machine types.

You must use Intel Haswell or later processors; AMD processors are not supported. If the default processor for a zone is Sandy Bridge or Ivy Bridge, change the minimum CPU selection for the VMs in that zone to Intel Haswell or later. For information about the processors supported in each zone, see Available regions and zones.

Though there are many use cases, I will speak from a networking standpoint. Let us say you need to do some sort of lab based on popular vMX Juniper or Cisco or any other vendor, if you have a bare metal instance, you have the ability to access the virtualised CPU cores and allocate them to the Qemu which will be the underlying emulator.

Issue

Almost by default most of the cloud providers will disable access to VT-x because of various reasons and some instances are not capable of supporting this by default. So either choose a custom instance with Continue reading

0

Predictive network technology promises to find and fix problems faster.

With the assistance of artificial intelligence (AI) and machine learning (ML), predictive network technology alerts administrators to possible network issues as early as possible and offers potential solutions.The AI and ML algorithms used in predictive network technology have become critical, says Bob Hersch, a principal with Deloitte Consulting and US lead for platforms and infrastructure. "Predictive network technology leverages artificial neural networks and utilizes models to analyze data, learn patterns, and make predictions," he says. "AI and ML significantly enhance observability, application visibility, and the ability to respond to network and other issues."To read this article in full, please click here

0

Backup: Don’t forget cell phones used for work

Some organizations’ important data may be going unprotected if an application on someone’s mobile device creates it and then it sits there without being backed up. If the device is lost or stolen, the data is gone.You might think it’s easy to solve this problem by installing a backup app on the phone and using it. Unfortunately, it’s not that simple.The security models of Android and iOS devices allow each application to see only the data created by that application; therefore, you cannot install a backup application and have it back up data of other applications. The only way around this is to root the phone, but that’s a problem if the employee is using their personal phone for work. Most people are uncomfortable rooting their phone, especially just to satisfy their boss’s backup needs.To read this article in full, please click here

0

Power to the engineering people

SPONSORED: The value of great engineering is often overlooked, yet almost every object we use on a daily basis has been meticulously designed and tested by somebody somewhere to deliver the best possible performance and meet exacting cost and efficiency requirements. …

Power to the engineering people was written by Martin Courtney at The Next Platform.

0

DHCP Relaying in VXLAN Segments

After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.

TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.

0

DHCP Relaying in VXLAN Segments

After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.

TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.