Containers, IPv6 and “SDN DNS” is why DNS is critical to your network architecture and day-to-day operations. At the same time, "DNS operations" doesn't seem to be getting the attention considering how critical it is to network, servers and DevOps alike. I wonder if I am missing something.
The post Musing: Increasing Dependence on DNS in SDN World appeared first on EtherealMind.
You’re asked to update the SSL certificate for movingpackets.net on a load balancer. The requestor (me, I suppose) gives you the certificate, the private key and passphrase, and the intermediate bundle file provided by the certificate authority.
movingpackets.net.crt
movingpackets.net.key
movingpackets.net-intermediate-chain.crt
You faithfully go to the load balancer, upload the files, enter the passphrase, and create a client SSL profile referencing the cert/key/chain combination I provided, and all is well. The only thing is, you have 200 VIPs on the load balancer, mostly issued by the same certification authority (CA), so don’t they nominally share the same intermediate chain? (Hint: Almost certainly, yes)
Here is the operational annoyance. The fact that the same intermediate certificate/chain has been uploaded 200 times with different names doesn’t stop things working, but it does seem rather inefficient. As far as I can determine, the F5 LTM load balancers (for example) actually concatenate all the uploaded certificates into a single bundle file and search the bundle when a certificate is referenced. I have no idea if there’s a huge performance gain here (unlikely), but it seems logical to want to minimize that file size regardless. On other Continue reading
Take a Network Break! Grab a coffee, a doughnut and then join us for an analysis of the latest IT news, vendor moves and new product announcements. We’ll separate the signal from the noise–or at least make some noise of our own.
The post Network Break 41 appeared first on Packet Pushers Podcast and was written by Greg Ferro.
[P]re-acting to something that hasn’t happened yet is nonsense.
Refusing to learn from people you don’t agree with isn’t a particularly modern vice, but in our world of information overload, where there are so many voices that we can choose to listen only to people we agree with, it does create a particularly modern narrowness of mind.
The post Worth Reading: Politics and Technology appeared first on 'net work.
Startup wants to put containers right next to the databases they crave.
I’m betting that I could take my certifications off my resume and still have a fair chance at finding a job. It’s a guess, of course, and I’ve never tried any sort of an experiment towards finding out, but the point is this: at some point in your career, certifications should become just one more thing on an excellent resume, rather than the focal point of your resume. Given this, why do I still support certifications? To answer this question, I need to back up into the certification development process a bit.
One of the strangest “mind trips” I’ve ever encountered was working with the “psycho’s” (psychometricians, really, but you know how engineers are with long words) through the entire CCDE/CCAr process. The two things we were challenged constantly were:
Both of these are hard questions.
The first question we turned into a simpler one (again, you know how engineers are): Why do I care? When someone would suggest a particular question or skill, they were immediately met with the counter — Do I care? If I were a designer working on a Continue reading
How does Internet work - We know what is networking
Network Packet Generator or Network Traffic Generator is a tool every network engineer will sooner or later want to use. Here’s one I found and it’s great! First time I saw an Ethernet frame in details on my CCNA class back in 2010 I immediately got the idea about generating some packets on my own. It was logical next step to ask myself: “Ok, so how can I make one of those and see what happens when I send it out on the network?”. I was not really sure that there is a tool that would make it possible. Don’t get me wrong,
How to generate network packets – Ostinato Packet/Traffic Generator
Geoff Huston published an interesting number-crunching exercise in his latest IPv6-focused blog post: 8% of the value of the global Internet (GDP-adjusted number of eyeballs) is already on IPv6, and a third of the top-30 providers (which control 43% of the Internet value) have deployed large-scale IPv6.
The message is clear: The big players have moved on. Who cares about the long tail?
Read more ...