Network Namespaces: The New Access Layer

When considering containers and how they connect to the physical network, it may be easy to assume that this paradigm is identical to the connectivity model of virtual machines. However, the advent of container technology has really started to popularize some concepts and new terminology that you may not be familiar with, especially if you’re new to the way linux handles network resources.

What is a Namespace?

It’s important to understand this concept, because containers are NOT simply “miniature virtual machines”, and understanding namespaces is very important to conceptualizing the way a host will allocate various system resources for container workloads.

Generally, namespaces are a mechanism by which a Linux system can isolate and provide abstractions for system resources. These could be filesystem, process, or network resources, just to name a few.

The man page on linux namespaces goes into quite a bit of detail on the various types of namespaces. For instance, mount namespaces provide a mechanism to isolate the view that different processes have of the filesystem hierarchy. Process namespaces allow for process-level isolation, meaning that two processes in separate process namespaces can have the same PID. Network namespaces - the focus of this particular post - allow Continue reading

Network Namespaces: The New Access Layer

When considering containers and how they connect to the physical network, it may be easy to assume that this paradigm is identical to the connectivity model of virtual machines. However, the advent of container technology has really started to popularize some concepts and new terminology that you may not be familiar with, especially if you’re new to the way linux handles network resources.

What is a Namespace?

It’s important to understand this concept, because containers are NOT simply “miniature virtual machines”, and understanding namespaces is very important to conceptualizing the way a host will allocate various system resources for container workloads.

Generally, namespaces are a mechanism by which a Linux system can isolate and provide abstractions for system resources. These could be filesystem, process, or network resources, just to name a few.

The man page on linux namespaces goes into quite a bit of detail on the various types of namespaces. For instance, mount namespaces provide a mechanism to isolate the view that different processes have of the filesystem hierarchy. Process namespaces allow for process-level isolation, meaning that two processes in separate process namespaces can have the same PID. Network namespaces - the focus of this particular post - allow Continue reading

Network Namespaces: The New Access Layer

When considering containers and how they connect to the physical network, it may be easy to assume that this paradigm is identical to the connectivity model of virtual machines. However, the advent of container technology has really started to popularize some concepts and new terminology that you may not be familiar with, especially if you’re new to the way linux handles network resources. What is a Namespace? It’s important to understand this concept, because containers are NOT simply “miniature virtual machines”, and understanding namespaces is very important to conceptualizing the way a host will allocate various system resources for container workloads.

Network Namespaces: The New Access Layer

When considering containers and how they connect to the physical network, it may be easy to assume that this paradigm is identical to the connectivity model of virtual machines. However, the advent of container technology has really started to popularize some concepts and new terminology that you may not be familiar with, especially if you’re new to the way linux handles network resources. What is a Namespace? It’s important to understand this concept, because containers are NOT simply “miniature virtual machines”, and understanding namespaces is very important to conceptualizing the way a host will allocate various system resources for container workloads.

OpenStack Summit 2015 Day 1 Keynote

This is a liveblog of the Day 1 keynote at the OpenStack Summit here in Tokyo, Japan. As is quite often the case at conferences like this, the wireless network is strained to its limits, so I may not be able to publish this liveblog until well after the keynote ends (possibly even later in the day).

After a brief introduction by one of the leaders of the OpenStack Japan User Group (I couldn’t catch his name), Jonathan Bryce takes the stage. Jonathan takes a few minutes to welcome the attendees, thank the conference sponsors, and go over some logistics (different hotels, meals, getting help, etc.). Jonathan announces the first individual certification for OpenStack—the Certified OpenStack Administrator. The certification test will be available starting in 2016. Not many details are given; I assume that more details will be released in the coming days and weeks.

Jonathan also takes a moment to talk about Liberty, the 12th release of OpenStack. Based on the features added, he feels that manageability, scalability, and extensibility were the key themes for Liberty. This leads Jonathan into a discussion of users and developers, sometimes (not beneficially) separated by sales and product management. Jonathan feels that Continue reading

Feds snuff-out e-cigs in checked commercial baggage

DoT Saying portable electronic smoking devices such as e-cigarettes, e-cigars, e-pipes or personal vaporizers are basically a fire threat the Department of Transportation in coordination with the Federal Aviation Administration today ruled that the devices will no longer be allowed in checked luggage on commercial aircraft(they still can be carried in carry-on bags but cannot be charging). +More on Network World: 21 more crazy and scary things the TSA has found on travelers+To read this article in full or to leave a comment, please click here

Your design should be usable !

Whatever you design , it should be usable first. Computer network design is not an exception.You are not designing a network to support one service only such as VPN or Internet.It should provide enough functionality for today and future needs. Your design should be usable today and the future ! It was so common to use… Read More »

The post Your design should be usable ! appeared first on Network Design and Architecture.

CloudGenix SD-WAN Whitepaper by Packet Pushers

Packet Pushers took on an SD-WAN whitepaper sponsored by CloudGenix. There were two main ideas behind this whitepaper. (1) Describe a typical SD-WAN solution. (2) Discuss CloudGenix specifics. When done reading, you should know both what SD-WAN will do for you, as well as how to integrate CloudGenix into your existing WAN with a minimum of disruption. Download with no regwall from here: http://bit.ly/PPCGWP.

The post CloudGenix SD-WAN Whitepaper by Packet Pushers appeared first on Packet Pushers.

CCNA Security 210-260 IINS

As some of you probably already know, the CCNA Security IINS exam topics have been refreshed from version 2.0 to version 3.0. The new exam is now called CCNA 210-260 “Implementing Cisco Network Security”. We will now take a look at the differences between the two exams and highlight the most important topic changes.

First thing, IINS 3.0 topics combine and adjust the current domains. Instead of covering nine domains (IINS 2.0), only seven domains are now included. This change was made to better reflect current job roles and job tasks typically performed by CCNA Security individuals. Note that although there are fewer domains, the exam remains the same length – it lasts for 90 minutes and contains 60-70 questions. This is because some new technologies were added and certain topic areas are now covered in more depth. The exam prerequisites did not change – you will not be able to obtain a valid CCNA Security Certificate until you already possess a valid CCENT or CCNA R&S, or any CCIE certificate.

In general, the new CCNA Security exam tests the candidate’s knowledge of secure network infrastructure, understanding core security concepts, managing secure access, VPN encryption, firewalls, Continue reading

1 3,238 3,239 3,240 3,241 3,242 3,808