0

Shellshock: One Month On

Shellshock was released a little over a month ago, to wide predictions of doom & gloom. But somehow the Internet survived, and we lurch on towards the next crisis. I recently gave a talk about Shellshock, the fallout, and some thoughts on wider implications and the future. The talk wasn’t recorded, so here’s a summary of what was discussed.

Background: NZ ISIG: Keeping it Local

Attend enough meetings, and sooner or later you’ll be called upon to present. I was ‘volunteered’ to speak on Shellshock, about a month after the exploit was made public. I didn’t talk about the technical aspects of the exploit itself – instead I explored some of the wider implications, and industry trends. I felt the talk went well, mainly because it wasn’t just me talking: everyone got involved and contributed to the discussion. It would be a bit Continue reading

0

The Etymology of Elephant and Mice Flows

Over the past 3-4 years, the term elephant flows has been used to refer to east-west (machine-to-machine) traffic, such as vMotion, Migration, Backup, and Replication. The term mice flows is used to refer to north-south (user-to-machine) traffic. Why are we using these terms all of a sudden and did they come from? Wikipedia states “It is not clear who … Continue reading The Etymology of Elephant and Mice Flows →

0

White Box switch readiness for prime time

Matthew Stone runs Cumulus Networks switches in his production network. He came on the Software Gone Wild podcast recently to talk about his experiences. Cumulus, Pica8, and Big Switch are the three biggest proponents of white box switching. While Pica8 focuses on the Linux abstractions for L2/L3, Pica8 focuses more on the OpenFlow implementation, and Big … Continue reading White Box switch readiness for prime time →

0

Appropriate Halloween costumes

There has been some debate over Halloween costumes, whether ISIS terrorist garb or hazmat suites are appropriate. Of course they are. Culture responds to current events; everything is fair game.

An example of this are Afghan "war rugs", as pictured below. The one on the left is in response to the old Soviet invasion, and the one on the right is in response to the post-9/11 invasion by the U.S. Rug weavers incorporated things from their environment into the rugs. In particular, the design of the rug on the right comes from leaflets we carpet bombed the country with before invading them.



Indeed, the entire "Halloween" theme is about death. It's just that it got incorporated in our culture long before the Internet enabled wimpy nitpickers from debating what was, or wasn't, appropriate. I'm not sure if the holiday would've survived in the modern politically correct climate.

0

JNCIE-ENT Prep Guide has been published!

Just a quick note on a Friday afternoon about The Unofficial JNCIE-ENT Pre Guide to let you know that it has now been published. You may order a copy at LeanPub, and to kick it off here is a 25% off coupon – http://fryguy.me/JNCIEENTWB The guide is is over 500 pages of JNCIE study goodness for […]

0

Welcome to the source

package main

import ("fmt")

func HelloWorld() {
    fmt.Println("Welcome to my blogn")
}

0

The Network Iceberg

The impact of compute virtualization on the data center network has been profound. There are more virtual ports then physical ports. That simple measurement overshadows any other disruption in networking. We arrived at this transformation as a result of significant adoption of OS virtualization. The next revision of compute virtualization is the application. The last significant bastion of efficiency is to ... The post The Network Iceberg appeared first on NetworkStatic | Brent...

...

0

Plexxi Pulse—Don’t Be Spooked by Big Data

We are getting into the Halloween spirit here at Plexxi—check out this Plexxi pumpkin carved by our talented marketing manager, Khoa Ma!

Jack-o-lanterns aside, we know the thought of navigating trends like the Internet of Things and Big Data can be frightening, especially if you are unsure of how to approach them. As these trends gain popularity and deployments increase, IT architects often worry about increased activity on already taxed infrastructures. Our own Mike Bushong is our resident expert on this topic and he penned an interesting blog post this week on networking’s atomic unit and “going small to scale up.” Creating smaller units of capacity makes the network easier to manage, and most importantly, scale. It’s definitely worth a read before heading out to trick-or-treat.

In this week’s PlexxiTube of the week, Dan Backman explains failure scenarios in case of hardware or software outages in a Plexxi pod design.

Don’t Engineer a Mess

Network architect Brian Heder contributed an article to Network World this week on the importance and challenges of simplicity in computer network design. While I think Heder’s list is solid, I would add an additional obstacle to network simplicity: customization. Avoid making your network environment Continue reading

0

Musing: Subscription License Economics

The rise of software licensing in networking changes some of my assumptions about the 5 year cost of ownership of products. Roughly, lets assume that you are buying virtual appliances like firewalls, DNS/DHCP, IDS/IPS, proxy servers and load balancers and that you pay some type of yearly license to use the product. Capital Upfront The legacy […]

The post Musing: Subscription License Economics appeared first on EtherealMind.

0

Calculating burst size for class-of-service

Burst sizes need to be calculated if you are implementing policers or shapers on Junos devices so that the policer or shaper can control the flow of traffic appropriately.  Too small a burst size and TCP applications will have terrible throughput.  Too large a burst size and the policer won’t be very effective – the bursts are so large they cancel out the effect of the policing because as one burst ends another one is just about to begin.

The situation is described reasonably well on the Juniper site here, and also in O’Reilly’s excellent MX book.  But in both places the mathematics of the calculation is hidden in a paragraph of text – not written out properly and showing the workings.  That makes for confusion in my mind.

It’s actually a fairly easy calculation, but isn’t presented well.  I finally sat down to work out what it meant.

The easy way to calculate burst size for low bandwidth (i.e. T1/E1 etc) interfaces is 10 times the MTU of the interface.   The problem with this is (as you see in figure 3 in the Juniper link above) that on 1500-byte Ethernet this Continue reading

0

Junos Apply-Path – A Step Closer To Heaven

I have a list of things I mean to blog about, and the Junos Apply-Path feature has been on there for way too long without being actions. As I said when I kicked off the “30 Blogs in 30 Days” … Continue reading →

If you liked this post, please do click through to the source at Junos Apply-Path – A Step Closer To Heaven and give me a share/like. Thank you!

0

Halloween Career Advice from the Damned

“Now, as you look through this document you’ll see that I’ve underlined all the major decisions I ever made to make them stand out. They’re all indexed and cross-referenced. See? All I can suggest is that if you take decisions that are exactly opposite to the sort of decisions that I’ve taken, then maybe you […]

Author information

The post Halloween Career Advice from the Damned appeared first on Packet Pushers Podcast and was written by Glen Kemp.

0

Response: I’m Terrified of My New TV

Smart Televisions are tracking everything you do and sending that data to unknown services: The amount of data this thing collects is staggering. It logs where, when, how, and for how long you use the TV. It sets tracking cookies and beacons designed to detect “when you have viewed particular content or a particular email […]

The post Response: I’m Terrified of My New TV appeared first on EtherealMind.

0

Make Rip-and-Replace a bit less Creepy

It was a dark and stormy Halloween night and a networking engineer was stuck in a data center facing a Mission Impossible project: replace a failing Cat6500 with a brand-new Nexus 7000. Shouldn’t have been a problem, if only the cables were labeled.

Read more ...

0

PDU-12C

"After all, what's the best part of Halloween?" Jimmy pleaded over the phone. He was trying yet again to convince Tom to skip work for the night and head over to the party he was throwing. Tom and Jimmy were good friends, but he already knew how the conversation was going to end.

"I dunno, the candy?" Tom played dumb.

"No, the eye candy! I'm telling you bro, you don't want to miss it. Rachel will be there." Jimmy sang the last bit tauntingly.

"I told you," Tom countered. "I've got work." It was around 6pm now, and he was just pulling into the parking lot outside the data center where he planned to spend the night recabling several racks of equipment. The scariest part of his Halloween would be picking through years' worth of undressed patch cabling.

"I don't get why you have to do that shit at night anyway. Why can't you do it during the day when you're stuck at work anyway?" Jimmy prodded.

Tom parked across from the building's entrance and turned off his car. Other than a couple vehicle belonging to the operations staff, the parking lot was deserted. He Continue reading

0

Happy Tenth Anniversary Arista Networks!

Every year at Arista has been filled with milestones and enriching memories. I want to acknowledge and thank each and every Arista well-wisher for contributing to this incredible experience. So let’s take a walk together down memory lane and look back on our journey from start-up to a now public company. I think of Arista’s first decade as being comprised of three phases:

2004+ Our Humble Beginnings:

Funded in a unique fashion, without traditional venture capital investment, Arista (first called Arastra, located on Arastradero road in Palo Alto) was placed in a unique position. Our founders, Andy and David, were our funders, too, and they cared deeply about building the company with the right technology foundation. Ken Duda, also a founder and our EOS software genius, brought a radical, resilient and programmable network-OS for modern, disruptive applications. Bringing some of the best and brightest engineering minds together resulted in an innovative network-wide operating system that challenged legacy enterprise switching vendors. Andy Bechtolsheim and I launched the company officially in October 2008. With just 50 engineers we gained 50 customers by the end of 2008, proving what small focused teams could accomplish. Our early adopters welcomed us as a breath of Continue reading

0

Show 210 – SPB Implementation Fundamentals

Dominik and Ricki Cook join Packet Pushers Greg Ferro and Ethan Banks in a hands-on exploration of Shortest Path Bridging, IEEE 802.1aq. Most of us have had our hands on Avaya gear that does SPB — Ethan in the lab, and Dominik + Ricki in production environments. We go through the basic goals, setup, and commands […]

Author information

The post Show 210 – SPB Implementation Fundamentals appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

Retro installation wizard

Just upgrading my soundcard drivers to some newer ones that were issued in 2012, and the wizard they use for this appears to be from 1995!

0

Ruckus Wireless User? Here’s your OS X Yosemite Warning.

A quick post today. As you may recall, I run two Ruckus Wireless APs at home – a Zoneflex 7982 AP and a Zoneflex 7363 AP managed by a Zone Director 1106. The ZF7982 and ZD1106 were provided courtesy of Ruckus … Continue reading →

If you liked this post, please do click through to the source at Ruckus Wireless User? Here’s your OS X Yosemite Warning. and give me a share/like. Thank you!

0

Take a break and watch two recent engineering talks

Recently, I spoke at the dotGo 2014 conference in Paris and my colleague (and creator of OpenResty) Yichun Zhang spoke at the first NGINX conference in San Francisco.

If you need to take a break, go grab a drink and enjoy one of these two talks.

The Latest and Greatest from ngx_lua: New Features & Tools

Tired of writing NGINX C-modules or setting-up back-end application servers? The ngx_lua module was created to save time and pain, while opening up new possibilities in the world of NGINX. The ngx_lua module embeds the Lua dynamic language into the NGINX core, turning NGINX into a highly scriptable proxy server. Many use it as a non-blocking full-stack web application server as well--also known as OpenResty.

Led by ngx_lua co-creator and sole-maintainer, CloudFlare’s Yichun Zhang, this presentation will introduce all the latest features implemented in the ngx_lua module as well as other new tools. Yichun will focus on features including: light threads, websockets, timers, NGINX worker initialization hooks, SSL/TLS coroutine-based sockets (or “cosockets”), full-duplex cosockets and more.

. .

The session wraps-up covering new advanced tools to troubleshoot and profile ngx_lua-based systems including dynamic tracing utilities based on Systemtap and GDB extension commands.

I came for the Continue reading