0

PSA: Linux Does RPF Checking

Twice now I've "discovered" that Linux hosts (even those that aren't doing IP forwarding) do Reverse Path Forwarding checks on incoming traffic.

Both times this has come up was in the context of a multicast application. It resulted in a conversation that went like this:

Application Person: Hey Chris, what's up with the network? My application isn't receiving any traffic.
Me: Um... The routers indicate they're sending it to you. The L3 forwarding counters are clicking. The L2 gear indicates it has un-filtered all of the ports between the router and your access port. Are you sure?
Application Person: My application says it's not arriving.
Me: I now have tcpdump running on your server. The traffic is arriving. Here are the packets. Do they look okay?

In the end, it turns out that the network was operating perfectly fine. The requested traffic was being delivered to the server, on the interface that requested it. It was the routing table within the Linux host that was screwed up.

RPF Checks
Reverse Path Flow checking is a feature that checks to make sure that a packet's ingress interface is the one that would be used to reach the packet's source. If a Continue reading

0

Lawmakers move to end warrantless surveillance of US residents

A new bill in Congress would require law enforcement agencies to get court-ordered warrants before targeting U.S. residents in searches of electronic communications collected by the National Security Agency.The End Warrantless Surveillance of Americans Act, introduced Tuesday by three members of the House of Representatives, would end the so-called surveillance back door that allows the FBI and other agencies to search U.S. emails, texts and other data swept up in NSA surveillance of overseas communications.+ A REVIEW: Government can exploit loopholes for warrantless surveillance on Americans +To read this article in full or to leave a comment, please click here

0

Snake, the original mobile game, is coming to Android and iOS

The 90's nostalgia bubble is actually producing something useful – the return of Snake, the classic game made popular on some of Nokia's earliest popular cellphones.The Verge reported today that the mobile game's original creator, former Nokia design engineer Taneli Armanto, has partnered with Finnish video game studio Rumilus Design for Snake Rewind, which will feature updated graphics and gameplay, including a new feature that seems like heresy – "the ability to rewind if you crash your snake," according to the report. Where I come from, if you crash the Snake, you're out.To read this article in full or to leave a comment, please click here

0

The Two “Network As Code” Domains

You’ve probably heard the term “network programmability” at this point. You probably also heard it equated to anything to do with code, automation, and networking. This was not always the case.

Network programmability really first hit the big time back in 2011 in the early days of the public OpenFlow discussion. That phrase was almost universally understood to be a data plane concept - because it was describing the revolutionary ideas brought up by abstracting away a forwarding pipeline. “You mean I can program my network device directly?” Network programmability.

I was inspired by a thread that my friend Josh kicked off with this tweet:

I am far from being a dev but I am no longer scared to learn to code. Thanks to the folks helping me start to get it.

— joshobrien77 (@joshobrien77) April 23, 2015

An interesting dialogue followed, and I felt compelled to address the problem caused by marketing departments muddying the waters of what would otherwise be a very simple idea.

Now obviously it’s too late to “right the wrong” that resulted from marketing and journalism engines chugging at full steam trying to make every technical term and phrase utterly useless. However, I would like Continue reading

0

The Two “Network As Code” Domains

You’ve probably heard the term “network programmability” at this point. You probably also heard it equated to anything to do with code, automation, and networking. This was not always the case.

Network programmability really first hit the big time back in 2011 in the early days of the public OpenFlow discussion. That phrase was almost universally understood to be a data plane concept – because it was describing the revolutionary ideas brought up by abstracting away a forwarding pipeline. “You mean I can program my network device directly?” Network programmability.

I was inspired by a thread that my friend Josh kicked off with this tweet:

I am far from being a dev but I am no longer scared to learn to code. Thanks to the folks helping me start to get it.

— joshobrien77 (@joshobrien77) April 23, 2015

An interesting dialogue followed, and I felt compelled to address the problem caused by marketing departments muddying the waters of what would otherwise be a very simple idea.

Now obviously it’s too late to “right the wrong” that resulted from marketing and journalism engines chugging at full steam trying Continue reading

0

SD-WAN with Viptela

0

The only Apple Watch review you really need to see: Kids have at it…

Tech pundits and Apple fanboys/fangirls have shared their views on the new Apple Watch in recent weeks, but The Fine Brothers bring you the only review you really need to see: A seven-and-a-half-minute YouTube videos in which kids have their say.This is a twist on the usual Fine Brothers videos, as they usually try to stump today's youth with yesterday's technology, as they did here with Walkmans ("Video makers torture kids with unexplained Walkmans"). One kid says he's speechless upon identifying the Apple Watch, but the rest are certainly not....To read this article in full or to leave a comment, please click here

0

Show 235 – HP IMC BYOD Solution – Sponsored

HP Networking's Juliano Forti & Chris Young talk with Greg Ferro and Ethan Banks about how HP handles BYOD through integration with HP's Intelligent Management Center platform.

Author information

The post Show 235 – HP IMC BYOD Solution – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

IDG Contributor Network: The UK is ‘running out of internet,’ pundit says

The United Kingdom, which is ranked on a GDP basis just behind France, Germany, and Japan – which in-turn are out-ranked only by the U.S. and China – is going to run out of internet soon, and might need to ration it, according to Andrew Ellis, a professor in optical communications at Aston University in Birmingham, England. The web will collapse because existing fiber optic cables can't accept any more data, and telcos can't afford to keep laying more fiber, Ellis has said recently. In any case, pumping data through cables is using up the country's power supply, Ellis says. At the current rate of growth, the web will consume the country's power supply within 20 years, he reckons.To read this article in full or to leave a comment, please click here

0

A framework for BackupPC‘s pre/post scripts

Use the same framework for all hosts, and run per-host scripts where needed.

0

Configuration management 101

Configuration management, without a doubt this is probably one of those things we all do, but to what end do we perform configuration management though? Usually configuration begins and sometimes ends with backing up and storing those configuration files but how much further can or should we go with configuration? Backing and storing configuration files […]

0

Google launches a service for storing big data

Google has introduced a service for storing large amounts of data online, potentially enabling organizations to execute big data analysis as a cloud service.The offering, called Google Cloud Bigtable, "is based on technology that Google has been running internally for many years, so it is not a brand new thing," said Tom Kershaw, who is Google's director of product management for the Google Cloud Platform.Bigtable powers many of Google's core services, including Google Search, Gmail, and Google Analytics.MORE ON NETWORK WORLD: Big data's biggest challenges The service could be used to store sensor data from an Internet-of-things monitoring system. Finance companies could house petabytes of trading data on the service to analyze for emerging trends. Telecommunications companies, digital advertising firms, energy, biomedical, and other data-intensive industries might benefit from the technology as well.To read this article in full or to leave a comment, please click here

0

Economist: The Internet of Things will deliver surge of productivity

BOSTON - The view from Harvard's Michael Porter, an economist noted for his work on competition, is that the last 10 or 15 years have been "pretty dismal" for the economy. The IT- and Internet- driven innovations over the past four decades or so have played themselves out. The rate of investment and innovation "has been slowing down," he said.But that will change thanks to Internet of Things (IoT) technologies, which will deliver "tremendous" efficiency gains, he said. Harvard economist Michael Porter.To read this article in full or to leave a comment, please click here

0

The Internet of Things to take a beating in DefCon hacking contest

Hackers will put Internet-connected embedded devices to the test at the DefCon 23 security conference in August. Judging by the results of previous Internet-of-Things security reviews, prepare for flaws galore.This year, DefCon, the largest hacker convention in the U.S., will host a so-called IoT Village, a special place to discuss, build and break Internet-of-Things devices.“Show us how secure (or insecure) IP enabled embedded systems are,” a description of the new village reads. “Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs—If it is IP enabled, we’re interested.”To read this article in full or to leave a comment, please click here

0

The Upload: Your tech news briefing for Wednesday, May 6

Are Apple music-streaming deals under government scrutiny?With Apple’s new Beats music-streaming service readying a June launch, there’s a flurry of reports that its tough deal-making with record labels is drawing the attention of the U.S. Federal Trade Commission. Bloomberg reported that the regulator is investigating whether Apple is using its position as the largest seller of music downloads via iTunes to get better deals than rivals like Spotify. The Verge had earlier reported that both the Department of Justice and the FTC were digging around to find out if Apple was leaning on labels to stop letting streaming competitors offer free music options, so that users are pushed to paid services.To read this article in full or to leave a comment, please click here

0

EU launches antitrust probe into e-commerce sector

Europe’s e-commerce market will be subject to a full-fledged antitrust probe, as part of the European Commission’s push to tear down walls between the European Union’s 28 national digital markets.The competition inquiry will look for barriers to online cross-border trade of electronics, digital content, clothing and shoes, the Commission said Wednesday. The probe was proposed by Competition Commissioner Margrethe Vestager in March and is one of 16 initiatives announced Wednesday that the Commission hopes will make the EU a single market for digital goods and services.To read this article in full or to leave a comment, please click here

0

Check Point – Don’t Use the ‘Install On’ Column

I got caught out by Check Point’s “Install On” column recently. Most people don’t need this setting any more, but it’s still there for legacy reasons. Time to re-evaluate.

When you create a firewall policy using Check Point, you define the set of possible installation targets. That is, the firewalls that this policy may be installed on. When you compile & install policy, you can choose from this list of targets, and only this list.

Most organisations will only have one installation target per policy. But sometimes you want to have the same policy on multiple firewalls. This is pretty easy to do, and might make sense if you have many common rules.

 

But then you say “What if I had 30 common rules, 50 that only applied to firewall A, and another 50 that only applied to firewall B?” That’s where people start using the “Install On” column. This lets you define at a Continue reading

0

Video: End-to-End High Availability in Dual Stack Networks

One of the topics I discussed in the IPv6 High Availability webinar is the problem of dual-stack deployments – what do you do when the end-to-end path for one of the protocol stacks breaks down. Happy eyeballs is one of the solutions, as is IPv6-only data center (Facebook is moving in that direction really fast). For more details, watch the short End-to-End High Availability in Dual Stack Networks demo video.

0

Electronic lock maker clashes with security firm over software flaws

The maker of a widely used electronic lock has taken issue with a security company’s criticism of one of its flagship products.IOActive, a Seattle-based security consultancy, published an advisory alleging several security flaws in electronic locks made by CyberLock, of Corvallis, Oregon.CyberLock, which received advance notice of the problems from IOActive, contends it wasn’t given enough time or information prior to IOActive’s warning. Mike Davis, the IOActive researcher who found the problems, published two letters said to have been sent by CyberLock’s lawyers to IOActive.To read this article in full or to leave a comment, please click here

0

The Two “Network As Code” Domains

You’ve probably heard the term “network programmability” at this point. You probably also heard it equated to anything to do with code, automation, and networking. This was not always the case. Network programmability really first hit the big time back in 2011 in the early days of the public OpenFlow discussion. That phrase was almost universally understood to be a data plane concept - because it was describing the revolutionary ideas brought up by abstracting away a forwarding pipeline.