Assuming the worst is not the best assumption
It was too bad to be true, but I should have known that assuming the worst was not the best assumption. I was driving the “other” car, the Saab, on the way back from the METNAV shop around eight in the morning. Since the shop was located in the middle of the three runways, this meant I had to drive across the 18 taxiway, along the white lines painted between the C-141’s, C-130’s, KC-10’s, F-4’s, and sometimes other odds and ends, and then past the Tower, off the flightline, and onto the “surface streets.” As I was coming off a call at around three in the morning, I wasn’t in uniform. For some reason, I hadn’t driven my normal car — a white Jeep — so the folks in the Tower certainly wouldn’t recognize me.
So when the SP flipped his lights on and pulled in behind me, I was worried. Just as the lights came on, I remembered something really important: I had forgotten to put my sticker on the car. You see, to drive on the flightline, you had to have a sticker on your car. There were various colors for the different areas you could gain Continue reading
Security for the New Battlefield
What will be our security challenge in the coming decade? Running trusted services even on untrusted infrastructure. That means protecting the confidentiality and integrity of data as it moves through the network. One possible solution – distributed network encryption – a new approach made possible by network virtualization and the software-defined data center that addresses some of the current challenges of widespread encryption usage inside the data center.
VMware’s head of security products Tom Corn recently spoke on the topic at VMworld 2015 U.S., noting, “Network encryption is a great example of taking something that was once a point product, and turning it into a distributed service—or what you might call an infinite service. It’s everywhere; and maybe more importantly it changes how you implement policy. From thinking about it through the physical infrastructure—how you route data, etcetera—to through the lens of the application, which is ultimately what you’re trying to protect. It eventually becomes really a check box on an application.”
VMware NSX holds the promise of simplifying encryption, incorporating it directly so that it becomes a fundamental attribute of the application. That means so as long as it has that attribute, any packet will be Continue reading
Enter the Octagon: Cisco ACI vs. VMware NSX
Which SDN product reigns supreme? NSX vs. ACI is a contentious and closely watched battle.
Enter the Octagon: Cisco ACI vs. VMware NSX (Page 2)
(Return to Page 1) About all of those numbers… “There’s a little bit of inflation in some of the numbers for both just because of the way that they package them,” Lerner says. The common perception is that Cisco “throws in” ACI whenever it does a Nexus 9000 switch deal, but Lerner says that ACI... Read more →
VMware NSX vs. Cisco ACI: Tale of the Tape
Here's a look at the vital stats in the network virtualization match up between Cisco and VMware.
Is OPNFV Forkaphobic?
OPNFV says 'no forking' to coders from telcos who are under commercial pressures.
Featured White Paper: How to Illuminate Blind Spots in a Virtualized Environment
Traditional taps are not enough to monitor and protect complex networks. Ixia outlines how to achieve visibility in virtualized environments without degrading performance.
HTTP Basic Authentication Primer
In this video, Tony Fortunato discusses the simple form of HTTP authentication and shows how to verify an application is using it via Wireshark.Reducing Risks Of New Technology Adoption
Deciding whether to adopt a new technology can be nerve-wracking. Terry Slattery outlines key steps you can take to minimize the risk.Packet- and Flow-Based Forwarding
I don’t like to correct my friends in public, but if someone says “I still believe that flow-based technologies will exceed the capabilities of packet-based technologies” (see Network Break 53), it’s time to revisit the networking fundamentals.
What is a flow?
According to Wikipedia (but what do they know…):
Read more ...KVM Performance Limits for virtual CPU cores
When using open-source network simulators that use KVM as a virtualization tool, each node in the network simulation is actually a KVM virtual machine so the maximum supported number of nodes in a network simulation is the same as the maximum number of KVM virtual machines that can run on the host computer.
Unfortunately, there seems to be no single authoritative statement about the maximum number of KVM virtual machines that can run on a host computer. Most information I could find about KVM limits does not publish absolute limits but, instead, recommends best practices.
In this post, I will synthesize the information available from many different sources into a single recommendation for the maximum number of KVM-based nodes that can run in an open-source network simulator running on a single host computer.
Collecting MAC and IP Adresses of Hosts Connected to Cisco Switches Using SNMP
The goal of this article is to introduce a script that automates a process of collecting MAC and IP address of hosts connected to CiscoCollecting MAC and IP Adresses of Hosts Connected to Cisco Switches Using SNMP
The goal of this article is to introduce a script that automates a process of collecting MAC and IP address of hosts connected to Cisco switches using Simple Network Management Protocol (SNMP). We will configure SNMP version 2c and 3 on Cisco switches and create a BASH script that collects required data for us. For this purpose I have created a test network lab using GNS3. The topology consists of three Cisco virtual switch appliances running vIOS-L2 and one network management station (NMS) based on Kali Linux. Network hosts are simulated by Core Linux appliances connected to Cisco vIOS-l2 switches.
1. GNS3 Lab
1.1 List of software used for creating GNS3 lab
- Host OS
x86-64 Linux Fedora with installed GNS3 1.3.11 and Qemu1.4.0 - Network Management Station
Linux Kali 3.18.0-kali3-amd64 - Swiches
Cisco vIOS l2 Software (vios_l2-ADVENTERPRISEK9-M), Version 15.2
Cisco Catalyst 3550 (C3550-IPSERVICESK9-M), Version 12.2(55)SE9 - Network Host (End device)
Linux Core 3.16.6-tinycore64
1.2 Network Topology Description
All virtual network and host devices are running inside GNS3 project and they are emulated by Qemu emulator and virtualizer. The only exception is a Cisco Catalyst 3550 switch that is connected to topology via GNS3 network Continue reading
Show 265: Future Of Networking: Martin Casado
Talking with Martin Casado on the Future of Networking. Its all about the applications.
The post Show 265: Future Of Networking: Martin Casado appeared first on Packet Pushers.
Show 265: Future Of Networking: Martin Casado
Talking with Martin Casado on the Future of Networking. Its all about the applications.
The post Show 265: Future Of Networking: Martin Casado appeared first on Packet Pushers.
How I made my custom keyboard layout on Linux and Windows
This post explains how to set up a keyboard layout the way I like it. It may not fit you at all, but it may give you ideas that would work for you.
In short: I remap Caps Lock to add some extra keys.
First a description of what my preferred keyboard layout is: I type Dvorak, but also want to occasionally use Swedish letters. There are a couple of Dvorak versions for Swedish, but since most of my typing is in English or programming I think they compromise too much on the accessibility of other keys to add these three Swedish characters.
So for decade or so I’ve been remapping Caps Lock to AltGr and holding down AltGr to add new keys. Typing “ö” quickly became fluent and easy, since it involves holding down one key with my left hand and pressing a key with another.
I used this method even before I switched to Dvorak, because if you’ve ever coded on a Swedish keyboard you should know how terrible it is. I know several Swedish programmers who use US keyboard layout all the time because of this, and simply live without being able to type proper Swedish.