SPONSORED: The value of great engineering is often overlooked, yet almost every object we use on a daily basis has been meticulously designed and tested by somebody somewhere to deliver the best possible performance and meet exacting cost and efficiency requirements. …
Power to the engineering people was written by Martin Courtney at The Next Platform.
After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.
TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.
After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.
TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.
https://codingpackets.com/blog/cloud-notes-aws-elb
I have blog post ideas sitting in my to-write queue for over a decade. One of them is why would you need a VRF (and associated router) between virtual servers and a firewall?
Andrea Dainese answered at least part of that question in his Off-Path firewall with Traffic Engineering blog post. Enjoy!
I have blog post ideas sitting in my to-write queue for over a decade. One of them is why would you need a VRF (and associated router) between virtual servers and a firewall?
Andrea Dainese answered at least part of that question in his Off-Path firewall with Traffic Engineering blog post. Enjoy!
Another interesting take on ChatGPT in networking, this time by Tom Hollingsworth in The Dangers of Knowing Everything:
In a way, ChatGPT is like a salesperson. No matter what you ask it the answer is always yes, even if it has to make something up to answer the question.
To paraphrase an old joke: It’s not that ChatGPT is lying. It’s just that what it knows isn’t necessarily true. See also: the difference between bullshit and lies.
Another interesting take on ChatGPT in networking, this time by Tom Hollingsworth in The Dangers of Knowing Everything:
In a way, ChatGPT is like a salesperson. No matter what you ask it the answer is always yes, even if it has to make something up to answer the question.
To paraphrase an old joke: It’s not that ChatGPT is lying. It’s just that what it knows isn’t necessarily true. See also: the difference between bullshit and lies.
Arista Networks has announced two hardware WAN routers, the 5510 and the 5310, which are targeted at branch, edge, and remote sites. The routers run EOS with a full routing stack. The new hardware can run as standard routers, or be used for SD-WAN with all the features you’d expect, including support for multiple links and app identification. Ethan Banks and Drew Conry-Murray share what they learned in a briefing with the company and debate the strategy behind Arista's entry into the SD-WAN market.
The post Briefings In Brief 103: Arista Enters The SD-WAN Arena appeared first on Packet Pushers.
On today's Heavy Networking we sub in a podcast from our Heavy Strategy channel. Greg Ferro from the Packet Pushers and Johna Till Johnson, CEO of Nemertes Research, discuss the impacts of ChatGPT and AI on the technology workspace, including whether human workers can partner with these tools to increase productivity and improve technology experiences. They don't have answers, but they do have unanswered questions.
The post Heavy Networking 671: Is ChatGPT Coming For Your Job? appeared first on Packet Pushers.
Containers are still the hot new technology in the datacenter to some, but many of the pieces and parts that eventually would find their way into today’s container platforms have long-since been used by enterprises and developers thanks to Docker. …
Docker Helped Invent Containers, And Is Now Reinventing Itself was written by Jeffrey Burt at The Next Platform.
Middleboxes are used in modern networking to sniff out attack traffic (IDS), block unwanted traffic (stateful packet filters), and share load among several different servers. Encryption, however, is making it hard for the middleboxes to do their job. Paul Grubb joins Tom Ammon and Russ White to discuss zero knowledge middle boxes, which allow operators to enforce arbitrary policies on the underlying traffic of an encrypted connection without decrypting it.
To find out more about Paul’s work in this and other areas, please see Paul’s research page, this article on zero-knowledge middleboxes, and this research paper on zero knowledge middle boxes.
On the Cloudflare Developer Platform, we understand that building any application is a unique experience for every developer. We know that in the developer ecosystem there are a plethora of tools to choose from and as a developer you have preferences and needs. We don’t believe there are “right” or “wrong” tools to use in development and want to ensure a good developer experience no matter your choices. We believe in meeting you where you are.
When Pages Functions moved to Generally Available in November of last year, we knew it was the key that unlocks a variety of use cases – namely full-stack applications! However, we still felt we could do more to provide the flexibility for you to build what you want and how you want.
That’s why today we’re opening the doors to developers who want to build their server side applications with something other than JavaScript. We’re excited to announce WebAssembly support for Pages Functions projects!
WebAssembly (or Wasm) is a low-level assembly-like language that can run with near-native performance. It provides programming languages such as C/C++, C# or Rust with a compilation target, enabling them to run alongside JavaScript. Primarily designed to run on Continue reading
Last week I shared how IPng Networks deployed a loadbalanced frontend cluster of NGINX webservers that have public IPv4 / IPv6 addresses, but talk to a bunch of internal webservers that are in a private network which isn’t directly connected to the internet, so called IPng Site Local [ref] with addresses 198.19.0.0/16 and 2001:678:d78:500::/56.
I wrote in [that article] that IPng will be using ACME HTTP-01 validation, which asks the certificate authority, in this case Let’s Encrypt, to contact the webserver on a well-known URI for each domain that I’m requesting a certificate for. Unsurprisingly, several folks reached out to me asking “well what about DNS-01”, and one sentence caught their eye:
Some SSL certificate providers allow for wildcards (ie.
*.ipng.ch), but I’m going to keep it relatively simple and use [Let’s Encrypt] which offers free certificates with a validity of three months.
I could’ve seen this one coming! The sentence can be read to imply it doesn’t, but of course Let’s Encrypt offers wildcard certificates. It just doesn’t satisfy my relatively simple qualifier of the second part of the sentence … So here I go, down the Continue reading