Show 244 – Design & Build #3 – Dual Stack IPv4 + IPv6

In this third entrant into the design & build series, Guilherme Goes & Jeff Carrell join Ethan Banks for a discussion of running IPv4 & IPv6 dual stack.

The post Show 244 – Design & Build #3 – Dual Stack IPv4 + IPv6 appeared first on Packet Pushers.

Show 244 – Design & Build #3 – Dual Stack IPv4 + IPv6

In this third entrant into the design & build series, Guilherme Goes & Jeff Carrell join Ethan Banks for a discussion of running IPv4 & IPv6 dual stack.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

TwitterGoogle+LinkedIn

The post Show 244 – Design & Build #3 – Dual Stack IPv4 + IPv6 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Uber throws in the towel in battle with French taxi drivers

Uber Technologies is suspending its UberPop service in France, after a bitter fight with taxi drivers who say the service breaks the law.The company plans to remove access to UberPop from its mobile app in France from 8 p.m. local time Friday, it said in a blog post.UberPop allows passengers to hail rides from unlicensed drivers and is similar to the Uber X service offered in the United States and other countries.Uber has been disrupting transportation markets around the world—nowhere more so than in Paris, where taxi drivers recently blocked highways and airport entrances with burning tires in protest at the company’s behavior. The protests also reportedly included attacks on Uber drivers, their vehicles and passengers. The taxi drivers are angry because, they say, UberPop breaches a new law on hiring vehicles with a driver that entered effect on Jan. 1.To read this article in full or to leave a comment, please click here

Your Docker Agenda in July

Five smartphones to look forward to

If you’re planning to buy a new smartphone this year, but haven’t bought one yet it might be better to wait a bit longer: Apple, Samsung Electronics and OnePlus are all expected to launch new models in the next couple of months.Here are some of the models you should see during the second half of the year:OnePlus 2While most of the products on this list (and their specs) are just rumors, Chinese smartphone maker OnePlus has been busy detailing its 2 model, which will be launched on July 27.So far, OnePlus has revealed the phone will have a fingerprint sensor and be powered by Qualcomm’s Snapdragon 810. The company is using an upgraded version of the processor, v2.1, that isn’t susceptible to the overheating issues that the first version reportedly suffered from, it said.To read this article in full or to leave a comment, please click here

Five smartphones to look forward to

If you’re planning to buy a new smartphone this year, but haven’t bought one yet it might be better to wait a bit longer: Apple, Samsung Electronics and OnePlus are all expected to launch new models in the next couple of months.Here are some of the models you should see during the second half of the year:OnePlus 2While most of the products on this list (and their specs) are just rumors, Chinese smartphone maker OnePlus has been busy detailing its 2 model, which will be launched on July 27.So far, OnePlus has revealed the phone will have a fingerprint sensor and be powered by Qualcomm’s Snapdragon 810. The company is using an upgraded version of the processor, v2.1, that isn’t susceptible to the overheating issues that the first version reportedly suffered from, it said.To read this article in full or to leave a comment, please click here

Ad fraud Trojan updates Flash Player so that other malware can’t get in

Someone call the malware antitrust commission: Recent versions of the Kovter ad fraud Trojan, which infects computers through Web-based exploits, close the door after themselves by updating Flash Player to the latest version.The new and somewhat surprising behavior was recently observed by a malware researcher known online as Kafeine, who specializes in tracking drive-by download attacks that use exploit kits.Kovter is used for so-called click or advertising fraud. Once installed on a computer, it hijacks the browser process and uses it to simulate user clicks on online advertisements in order to generate revenue for its creators.To read this article in full or to leave a comment, please click here

iPexpert’s Newest “CCIE Wall of Fame” Additions 7/3/2015

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

• Adrian McCaskill, CCIE #48071 (Wireless)
• Hugo Dantas, CCIE #49174 (Collaboration)
• Jocelyn Hamryszak, CCIE #49036 (Collaboration)
• Ehsan Emad, CCIE #28551 (Data Center)
• Jeremy Porter, CCIE #16273 (Wireless)
• Filipe Gaspar, CCIE #48503 (Wireless)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Blue Light Special: Ensuring fast global configuration changes

CloudFlare operates a huge global network of servers that proxy our customers' web sites, operate as caches, inspect requests to ensure they are not malicious, deflect DDoS attacks and handle one of the largest authoritative DNS systems in the world. And where there's software there's configuration information.

CloudFlare is highly customisable. Each customer has a unique configuration consisting of DNS records, all manner of settings (such as minification, image recompression, IP-based blocking, which individual WAF rules to execute) and per-URL rules. And the configuration changes constantly.

Warp speed configuration

We offer almost instant configuration changes. If a user adds a DNS record it should be globally resolvable in seconds. If a user enables a CloudFlare WAF rule it should happen very, very fast to protect a site. This presents a challenge because those configuration changes need to be pushed across the globe very quickly.

We've written in the past about the underlying technology we use: Kyoto Tycoon and how we secured it from eavesdroppers. We also monitor its performance.

DNS records are currently changing at a rate of around 40 per second, 24 hours a day. All those changes need to be propagated in seconds.

So we take propagation times Continue reading

Propagation slow? Sound the alarms!

Propagation slow? Sound the alarms!

This is a blog post that I had written for my employer CloudFlare You can find the full link here

CloudFlare operates a

Check 10Gb Interfaces On An ASA

I recently had to deploy and ASA pair. One of the pre-requisites is to make sure there’s an optic in the interface we’re going to use. On a switch you have the following options:

#show int te5/4 transceiver
Transceiver monitoring is disabled for all interfaces.

ITU Channel not available (Wavelength not available),
Transceiver is internally calibrated.
If device is externally calibrated, only calibrated values are printed.
++ : high alarm, + : high warning, - : low warning, -- : low alarm.
NA or N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).

Optical Optical
Temperature Voltage Current Tx Power Rx Power
Port (Celsius) (Volts) (mA) (dBm) (dBm)
---------- ----------- ------- -------- -------- --------
Te5/4 27.0 0.00 7.6 -- -2.2 -2.7

Or

#show int tenGigabitEthernet 5/4 capabilities
TenGigabitEthernet5/4
Model: VS-S720-10G
Type: 10Gbase-SR
Speed: 10000
Duplex: full
Trunk encap. type: 802.1Q,ISL
Trunk mode: on,off,desirable,nonegotiate
Channel: yes
Broadcast suppression: percentage(0-100)
Flowcontrol: rx-(off,on),tx-(off,on)
Membership: static
Fast Start: yes
QOS scheduling: rx-(8q4t), tx-(1p7q4t)
QOS queueing mode: rx-(cos,dscp), tx-(cos,dscp)
CoS rewrite: yes
ToS rewrite: yes
Inline power: no
Inline power policing: no
SPAN: source/destination
UDLD yes
Link Debounce: yes
Link Debounce Time: yes
Ports-in-ASIC (Sub-port ASIC) Continue reading

Bacon

I want to grow my own food, but I can’t find any bacon seeds…

The post Bacon appeared first on 'net work.

SDxCentral Weekly News Roundup — July 3, 2015

Friday is SDxCentral Roundup Day. Get yours here.

Cisco leaves key to all its Unified CDM systems under doormat

Cisco Systems recently realized that its Unified Communications Domain Manager (Unified CDM) software contains a default privileged account with a static password that cannot be changed, exposing the platform to hacking by remote attackers.The Cisco Unified CDM is part of the Cisco Hosted Collaboration System and provides automation and administrative functions for the Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Jabber applications, associated phones and software clients.The privileged account is created when Unified CDM is first installed and cannot be changed or removed without affecting the system’s functionality—although exactly how, Cisco didn’t say in its security advisory. The only solution, the company said, is to install the patches it released.To read this article in full or to leave a comment, please click here

How SD-WANs Will Disrupt Enterprise Networking

Extending SDN programmability all the way across the WAN.

Video: ISP IPv6 Transition Strategies

The responses of Internet Service Providers (ISPs) to lack of IPv4 address space range from outright denial (sometimes coupled with reassuringly-expensive large-scale carrier-grade NAT) to all-in IPv6-only designs using 464XLAT for residual IPv4 connectivity.

To understand the implications of these extremes and a few data points between them, watch the ISP IPv6 Transition Strategies video from Enterprise IPv6 – the First Steps webinar.

Samsung faces lawsuit in China over bloatware on phones

A consumer protection group in China is suing Samsung Electronics and a Chinese vendor for placing too many preinstalled apps on phones, and is demanding that the whole smartphone industry eschew bloatware.On Thursday, the Shanghai Consumer Council said it filed public interest lawsuits against Samsung and Oppo for not only placing so much bloatware on their phones, but also making it impossible for the user to easily remove the apps.The consumer protection group has been receiving a growing number of complaints, and found that these preinstalled apps can take up a phone’s storage or download data without the user’s knowledge. In response, the group has filed the lawsuits in a Shanghai court, as a way to discourage smartphone vendors from weighing their products down with pre-installed software.To read this article in full or to leave a comment, please click here

Reddit sections go dark after exit of staffer

The exit of a key Reddit staffer, who apparently played an important role in the bustling AMA (Ask Me Anything) question-and-answer section, has created an uproar on the online discussion website.Many large communities, or subreddits in the parlance of the site, have been set to private, allowing only moderators or approved submitters to view the contents.Anger over the exit of Victoria Taylor, Reddit’s communications director, who assisted in AMAs with a variety of celebrities and other top personalities, appears to have mushroomed into a controversy over a lack of consultation between Reddit administrators and its volunteer moderators.To read this article in full or to leave a comment, please click here

Microsoft buries hatchet with Kyocera, ending litigation

Microsoft and Kyocera have put an end to a patent spat that began earlier this year by expanding a patent cross-licensing deal between them.In a tersely worded, four-sentence press release Thursday, the companies said the licensing deal would enable them to use “a broader range of each other’s technologies in their respective products.” Beyond that, the terms were not disclosed.It’s another win for Microsoft’s ongoing practice of seeking patent licenses from Android manufacturers. Earlier this year, the company sued Kyocera because of components that are part of Android that Microsoft says infringe on its patents. Licensing patents related to Android is a big business for the company, which revealed last year that Samsung paid more than $1 billion from July 2012 to June 2013 as part of a patent licensing deal.To read this article in full or to leave a comment, please click here

Plex hacker demands Bitcoin ransom for return of data

Video streaming service Plex has reset user passwords after it was breached by a hacker who threatened to release stolen data unless he’s paid a ransom.The company found out on Wednesday that a server hosting its forum and blog had been compromised, Chris Curtis, a Plex support engineer, said in a blog post.Information including IP addresses, email addresses, private forum messages and encrypted passwords were exposed.Someone going by the nickname “Savata” claimed responsibility for the breach and threatened to release the data on torrent networks if a ransom wasn’t paid in bitcoins.To read this article in full or to leave a comment, please click here