Oceania Redundancy: Auckland and Melbourne data centers now online

The genesis of our 33rd and 34th data centers in Auckland and Melbourne started a short hop away in nearby Sydney. Prior to these deployments traffic from all of New Zealand and Australia's collective 23 million Internet users was routed through CloudFlare's Sydney data center. Even for those in faraway Perth, the time necessary to reach our Sydney PoP was a mere 55ms of round trip time (RTT). By comparison, the blink of an eye takes 300-400ms. In other words, latency wasn't exactly the pressing concern. The real concern was a failure scenario in our Sydney data center.

Fortunately, our entire architecture starts with an assumption: failure is going to happen. As a result, we plan for failure at every level and have designed a system to gracefully handle it when it occurs. Even though we now maintain multiple layers of redundancy—from power supplies and power circuits to line cards, routing engines and network providers—our ultimate level of redundancy is in the ability to fail out an entire data center in favor of another. In the past we've even written about how this might even play out in the case of a global thermonuclear war. In this instance, the challenge Continue reading

Google’s push to encrypt ads will improve security, but won’t kill malvertising

Google plans to serve most of its ads over encrypted HTTPS connections by the end of June, a move that will protect against some ad hijacking attacks and will encourage website owners to enable encryption on their Web properties.However, malicious advertising attacks that direct users to Web-based exploits will still be possible and, because of the new encryption, it will be harder for security researchers to pinpoint their source.Last year, Google announced that it will give more weight to HTTPS-enabled websites in search rankings in order to encourage the adoption of encryption across the Web. HTTPS (HTTP Secure) allows Web communication over a channel encrypted with the TLS (Transport Layer Security) protocol.To read this article in full or to leave a comment, please click here

Deploying VMware NSX on Cisco Nexus 9000 & Cisco UCS Infrastructure

As VMware NSX gains broader adoption, we have heard many customer requests for guidance to help them run NSX on top of the latest Cisco infrastructure, namely Cisco UCS and Nexus 9000 series switches.

With customers choosing the benefits of VMware NSX along with the Software Defined Data Center (SDDC), the underlying hardware (Ethernet fabric, x86 compute, etc) provides reliable, resilient capacity, but the configuration, state and advanced features move to faster, more flexible software. The requests were for deploying NSX with Cisco infrastructure running in a standard IP-based fabric with the Nexus 9000’s in standalone mode (NX-OS Mode), as opposed to the proprietary ACI Mode. As with any IP fabric, VMware NSX works great with Nexus 9000 as the underlay. The combination of VMware NSX and Nexus 9000 in standalone mode enables the benefits customers have chosen to embrace with the SDDC.

We had previously put out a design guide on deploying VMware NSX with Cisco UCS and Nexus 7000 to help deploy NSX in current environments. Today we are putting out a new reference design for deploying VMware NSX with Cisco UCS and Nexus 9000 infrastructure, providing an easy path to the SDDC while incorporating the latest Cisco Continue reading

Xperia Z4 launch reflects Sony’s timidity in smartphones

Sony’s decision to launch its new high-end smartphone, the Xperia Z4, only in Japan, shows its hesitancy about this market and puts into question its commitment to it.Monday’s introduction of the Xperia Z4 stands in stark contrast to the arrival of competing products like the HTC One M9 or the Galaxy S6 and S6 edge from Samsung Electronics, which were launched with much fanfare at Mobile World Congress. And when LG premiers the G4 on April 28, it will do so at events around the world.But considering the very challenging position Sony’s smartphone business has found itself in, the low-key unveiling doesn’t come as a shock.To read this article in full or to leave a comment, please click here

Improving Mean Time To Innocence With ThousandEyes

In the case of troubleshooting poor performance for an off-site application, improving mean time to innocence is really important. Businesses need to understand whether the problem is in the local infrastructure, in the remote cloud, or somewhere in the middle. This is not especially easy to track down by hand. Manual traceroutes, simple ping tests, and DNS resolution checks are most of what can be done with the average workstation, but in fact there is a great deal more information that is publicly accessible.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks
TwitterGoogle+LinkedIn

The post Improving Mean Time To Innocence With ThousandEyes appeared first on Packet Pushers Podcast and was written by Ethan Banks.

The facts, while interesting, are irrelevant

Maybe my excuse should be that it was somewhere around two in the morning. Or maybe it was just unclear thinking, and that was that. Sgt P. and I were called out to fix the AN/FPS-77 RADAR system just at the end of our day (I normally came into the shop around 6:30AM after swimming a mile in the Ft. Dix pool, showering, and eating breakfast, so I truly had an early start), so we’d been fighting this problem for some seven or eight hours already. For some reason, a particular fuse down in the high voltage power supply kept blowing. Given this is the circuit that fed the magnetron with 250,000 volts at around 10 amps (yes, that’s a lot of power, especially for a device originally built in 1964), it made for some interesting discussion with the folks in base weather, who were thus dependent on surrounding weather RADAR systems to continue flight operations.

They weren’t happy.

We traced the problem back, using our best half splitting skills in a high voltage circuit that took minutes to power up and down, and finally decided it was a particular resistor located over on a corner of one assembly (we Continue reading

The Future of the Distributed Network

Back in December of 2014, I wrote a blog post about the complexities of the network as a distributed system. In it I pointed out that networks have traditionally been built as distributed systems, and that our entire management and knowledge base for networks is based on this. But, is this the best approach for current and future networking needs?

As humans we have our own ideas of how to best solve problems. While we are immensely creative, our solutions aren’t always the best (or will never be). We often look to nature as a guide for how to improve our manmade solutions. When we look at how large complex systems in nature have been created and evolved, perhaps we should look no further than ourselves. The human body is possibly one of the most complex systems we know. If we think of the brain as the centralized control system, it is easy to see that we are, in fact, highly centralized beings.

We live and function, however, in a social environment that has no clearly established central control system. We are organized by different permanent and temporary control systems. We create environments with centralized direction of work to be Continue reading

The Upload: Your tech news briefing for Monday, April 20

Is Nokia on the way back to the phone market?When it sold off its device business to Microsoft, Nokia seemed to be saying goodbye to the mobile phone market it once helped define. But now sources tell re/code that projects in development at the small Nokia Technologies division indicate it’s plotting to return when it’s no longer under contract restrictions that prevent it from directly selling or licensing phones under its brand.DOJ said to be leaning against Comcast-Time Warner dealAttorneys at the U.S. Department of Justice are looking unfavorably on the proposed merger of two U.S. cable and Internet giants, Bloomberg reported. Lawyers in the antitrust division may this week recommend blocking Comcast’s bid to buy Time Warner for $45.2 billion.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, April 20

Is Nokia on the way back to the phone market?When it sold off its device business to Microsoft, Nokia seemed to be saying goodbye to the mobile phone market it once helped define. But now sources tell re/code that projects in development at the small Nokia Technologies division indicate it’s plotting to return when it’s no longer under contract restrictions that prevent it from directly selling or licensing phones under its brand.DOJ said to be leaning against Comcast-Time Warner dealAttorneys at the U.S. Department of Justice are looking unfavorably on the proposed merger of two U.S. cable and Internet giants, Bloomberg reported. Lawyers in the antitrust division may this week recommend blocking Comcast’s bid to buy Time Warner for $45.2 billion.To read this article in full or to leave a comment, please click here

Broadcom’s Trident II Gets a VXLAN Booster

Broadcom’s Trident II Gets a VXLAN Booster Broadcom is announcing a new version of its Trident II Ethernet switch chip family today, with one notable feature being improved performance for VXLAN and other tunneling protocols. The StrataXGS Trident-II+, a drop-in replacement for the Trident II, arrives as Broadcom tries to spread its Ethernet switch franchise into new areas. The recently announced StrataDNX Read more >

Mozilla to debut Firefox for iPhone ‘soon’

Mozilla will introduce Firefox for Apple's iPhone "soon," according to a company announcement of an open marketing position.As the senior mobile marketing manager, the candidate will "lead marketing for Firefox on both Android and iOS," the listing stated, adding that "a new Firefox for iOS application [will be] arriving soon." Mozilla An early rendition of Firefox on iOS features a "tab tray" that shows open sites in a vertical orientation. (Image: Mozilla.)To read this article in full or to leave a comment, please click here

Twitter accounts outside of the US now fall under EU data protection rules

Twitter revised its privacy policy over the weekend, changing where it handles the account information of users outside the U.S. and clarifying some points.As of Saturday, account information for Twitter users outside the U.S. is handled by Twitter International in Dublin, Ireland. This means that all account information will be subject to Irish privacy and data protection law, which is based on the European Union’s Data Protection Directive, Twitter said on its site.The accounts of U.S. users will still be handled by Twitter’s head office in San Francisco under U.S. law.Dublin is popular with U.S. tech companies, which often base their international and EU operations there. The country’s favorable corporation tax regime is often seen as a reason for IT companies to settle there—as is the small staff of its privacy regulator, which has a staff of just 29 to tackle domestic and international companies.To read this article in full or to leave a comment, please click here

New products of the week 04.20.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Acronis Backup ServicePricing: By cloud storage:·         5,000 GB -> $8,500·         1,000 GB -> $2,400·         500GB -> $1,300·         250GB -> $750Key features: Acronis Backup Service solves your business data protection challenges with a complete and easy-to-manage service that backs up any data from any source and recovers to any destination or system. More info.To read this article in full or to leave a comment, please click here

New products of the week 04.20.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Acronis Backup ServicePricing: By cloud storage:·         5,000 GB -> $8,500·         1,000 GB -> $2,400·         500GB -> $1,300·         250GB -> $750Key features: Acronis Backup Service solves your business data protection challenges with a complete and easy-to-manage service that backs up any data from any source and recovers to any destination or system. More info.To read this article in full or to leave a comment, please click here

Junos export policy not working?

During a project recently, I was promptly reminded about the construction of Junos route export (i.e. route redistribution) policies. Specifically when filtering prefixes during the export/redistribution. The logic goes something like this:

a) Create prefix-list of prefixes to export
b) Create policy which references the protocol and prefix list to export
c) Attach policy to protocol

An example is here:

policy-options {
    prefix-list CUST_A {
        192.0.2.1/32;
    }

	policy-statement REDISTRIBUTE_STATICS_CUST_A {
    	/* FROM PREFIX-LIST TEST TO METRIC TYPE 1 FOR CUST A */
    	term 1 {
        	from {
            	prefix-list CUST_A;
        	}
        	to protocol ospf2;
        	then {
            	external {
                	type 1;
            	}
            	accept;
        	}
    	}
	}
}

protocols {
	ospf {
		export REDISTRIBUTE_STATICS_CUST_A
		area 0.0.0.0 {
		interface x-x/x/x.x
		}
	}
}

With Junos export policies for routing, if you want to export more prefixes of the same type, adding an additional policy which also references the same protocol for the export will just not work. If you do the below, then you’re out of luck.

policy-options {
    prefix-list CUST_A {
        192.0.2.1/32;
    }

    prefix-list CUST_B {
        192.0.2.2/32;
    }

	policy-statement REDISTRIBUTE_STATICS_CUST_A {
    	/* FROM PREFIX-LIST TEST TO METRIC TYPE 1  Continue reading

HTIRW: Reality at the Mic (3)

Let’s take one look back over the IETF before we move on to the next piece of the infrastructure of the ‘net. Why does it take so long for a single document to get through the process, and result in a standard? There is, of course, the formal process, which requires the document to proposed, […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White has scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, nibbled and noodled at a lot of networks, and done a lot of other stuff you either already know about — or don't really care about. You can find Russ at 'net Work, the Internet Protocol Journal, LinkedIn, and his author page on Amazon.
TwitterGoogle+LinkedIn

The post HTIRW: Reality at the Mic (3) appeared first on Packet Pushers Podcast and was written by Russ White.

What is the real reason behind IP and MPLS Traffic Engineering ?

MPLS traffic engineering has many use cases and it helps to solve the problems in an MPLS enabled networks. These use cases are in general; QoS guarantee, End to End SLA , Fast reroute, Admission control and so on. All of them at the end is done for the COST SAVING. The real reason behind MPLS Traffic… Read More »

The post What is the real reason behind IP and MPLS Traffic Engineering ? appeared first on Network Design and Architecture.

1 3,527 3,528 3,529 3,530 3,531 3,837