What A Tangled OpenAI Web We CoreWeave
Wouldn’t it be funny if all of that money that Microsoft spent last year paying neocloud upstart CoreWeave was just to support ever-embiggening AI training workloads at OpenAI as it makes its GPT models smarter? …
What A Tangled OpenAI Web We CoreWeave was written by Timothy Prickett Morgan at The Next Platform.
HS097: Build A Strategy, Not Just A Project Plan
IT teams too often wrap a strategy statement around a basket of projects already in progress or known to be coming, rather than defining a strategy and then letting it spawn, guide, or absorb projects. On today’s Heavy Strategy we discuss whether IT teams have any alternative to this approach, given how much gets “thrown... Read more »
How Calico Network Security Works
In the rapidly evolving world of Kubernetes, network security remains one of the most challenging aspects for organizations. The shift to dynamic containerized environments brings challenges like inter-cluster communication, rapid scaling, and multi-cloud deployments. These challenges, compounded by tool sprawl and fragmented visibility, leave teams grappling with operational inefficiencies, misaligned priorities, and increasing vulnerabilities. Without a unified solution, organizations risk security breaches and compliance failures.
Calico reimagines Kubernetes security with a holistic, end-to-end approach that simplifies operations while strengthening defenses. By unifying key capabilities like ingress and egress gateways, microsegmentation, and real-time observability, Calico empowers teams to bridge the gaps between security, compliance, and operational efficiency. The result is a scalable, robust platform that addresses the unique demands of containerized environments without introducing unnecessary complexity. Let’s look at how Calico’s key network security capabilities make this possible.
Calico Ingress Gateway
The Calico Ingress Gateway is a Kubernetes-native solution, built on the Envoy Gateway, that serves as a centralized entry point for managing and securing incoming traffic to your clusters. Implementing the Kubernetes Gateway API specification, it replaces traditional ingress controllers with a more robust, scalable, and flexible architecture that is capable of more Continue reading
Data Deluge Pushes Financial Services Deeper Into AI
SPONSORED FEATURE: As an industry, financial services is accustomed to big numbers. …
Data Deluge Pushes Financial Services Deeper Into AI was written by Timothy Prickett Morgan at The Next Platform.
The Linux Bridge MTU Hell
It all started with an innocuous article describing the MTU basics. As the real purpose of the MTU is to prevent packet drops due to fixed-size receiver buffers, and I waste spend most of my time in virtual labs, I wanted to check how various virtual network devices react to incoming oversized packets.
As the first step, I created a simple netlab topology in which a single link had a slightly larger than usual MTU… and then all hell broke loose.
Europe Takes Another Whack At Homegrown Compute Engines
With RISC-V International, the body controlling the RISC-V instruction set, located in Switzerland for the past five years, RISC-V now has just as much right to call itself indigenous to Europe as does Arm Ltd, the British chip company that finds itself on the other side of the English Channel after the Brexit break up and that is still around 90 percent owned by Japanese conglomerate SoftBank. …
Europe Takes Another Whack At Homegrown Compute Engines was written by Timothy Prickett Morgan at The Next Platform.
Tech Bytes: How Internet Synthetic Transactions Boost App Performance Visibility (Sponsored)
Today on the Tech Bytes podcast we talk about Internet Performance Monitoring, or IPM, with sponsor Catchpoint. Catchpoint provides visibility across the full Internet Stack to help you understand the performance of your SaaS and cloud apps, WAN and branch connections, and more. We’ll talk about how Catchpoint can enrich network monitoring with synthetic transactions... Read more »Parallelism Strategies in Deep Learning
Introduction
Figure 8-1 depicts some of the model parameters that need to be stored in GPU memory: a) Weight matrices associated with connections to the preceding layer, b) Weighted sum (z), c) Activation values (y), d) Errors (E), e) Local gradients (local ∇), f) Gradients received from peer GPUs (remote ∇), g) Learning rates (LR), and h) Weight adjustment values (Δw).
In addition, the training and test datasets, along with the model code, must also be stored in GPU memory. However, a single GPU may not have enough memory to accommodate all these elements. To address this limitation, an appropriate parallelization strategy must be chosen to efficiently distribute computations across multiple GPUs.
This chapter introduces the most common strategies include data parallelism, model parallelism, pipeline parallelism, and tensor parallelism.
Figure 8-1: Overview of Neural Networks Parameters.
Data Parallelism
In data parallelization, each GPU has an identical copy of the complete model but processes different mini-batches of data. Gradients from all GPUs are averaged and synchronized before updating the model. This approach is effective when the model fits within a single GPU’s memory.
In Figure 8-2, the batch of training data is split into eight micro-batches. The first four micro-batches are Continue reading
NB517: TSMC Pledges $165 Billion for US Chip Manufacturing; Will the CHIPS Act Get Axed?
Take a Network Break! This week we’re joined by guest analyst Tom Hollingsworth of The Futurum Group. We start with red alerts from Broadcom on multiple vulnerabilities and an emergency patch from Cisco for its Webex platform. In tech news we discuss SolarWinds’ acquisition of Squadcast and how it fits into the SolarWinds portfolio, Aviatrix’s... Read more »Global expansion in Generative AI: a year of growth, newcomers, and attacks
AI (Artificial Intelligence) is a broad concept encompassing machines that simulate or duplicate human cognitive tasks, with Machine Learning (ML) serving as its data-driven engine. Both have existed for decades but gained fresh momentum when Generative AI, AI models that can create text, images, audio, code, and video, surged in popularity following the release of OpenAI’s ChatGPT in late 2022. In this blog post, we examine the most popular Generative AI services and how they evolved throughout 2024 and early 2025. We also try to answer questions like how much traffic growth these Generative AI websites have experienced from Cloudflare’s perspective, how much of that traffic was malicious, and other insights.
To accomplish this, we use aggregated data from our 1.1.1.1 DNS resolver to measure the popularity of specific Generative AI services. We typically do this for our Year in Review and now also on the DNS domain rankings page of Cloudflare Radar, where we aggregate related domains for each service and identify sites that provide services to users. For overall traffic growth and attack trends, we rely on aggregated data from the cohort of Generative AI customers that use Cloudflare for performance (including Continue reading
Worth Reading: Traffic Steering into LSPs
You can use SR-MPLS, MPLS-TE, or an SDN controller to build virtual circuits (label-switched paths) across the network core. The controller can push the LSPs into network devices with PCEP, BGP-LU, or some sort of NETCONF/RESTCONF trickery.
Unfortunately, you’re only half done once you have installed the LSPs. You still have to persuade the network devices to use them. Welcome to the confusing world of traffic steering explored in the Loopback as a Service blog post by Dmytro Shypovalov.
Tailscale VPN – A Network Engineer’s Perspective
Before we get into what Tailscale is or how it compares to a traditional remote access VPN, let’s take a quick look at Tailscale in action. The main problem Tailscale solves is remote access to your internal workloads.
In my homelab, I have a server running Linux. When I’m on my home network, I can access it directly without any issues. But if I step outside and want to access the same server over the Internet, Tailscale makes that much easier and you can have it up and running in about 10 minutes for free.
Typically, you would set up some kind of a VPN, either running on a server or a dedicated firewall. Then, you’d install a VPN client on the devices and point them to the public IP of your VPN server or firewall. That’s exactly what I have at the moment.
Tailscale takes a completely different approach, and you don’t need any of that. I’m not saying one is better than the other, I’m just pointing this out for comparison. I’ve shared my thoughts on the pros and cons of each solution at the end of this post.
Tailscale Installation and Setup
Head over to the Tailscale Continue reading
From Python to Go 016. Advanced SSH Interaction With Network Devices.
Hello my friend,
This blog continues discussion of how to manage devices (network switches and routers, servers, virtual machines, etc) using SSH, which we started in previous blog. In this discussion we’ll cover advanced interaction with devices, which include multiple commands, change of contexts and validations. Let’s dive in.
If You Say “From Python to Go”, Shall I Learn Python?
Each programming language has its strong and weak capabilities. Golang, by virtue being a low level (or at least much lower level compared to Python) is very good, when performance and efficiency are paramount. However, you don’t need it for all applications. Python give quicker time to market, possibility to iteratively develop your code with Jupyter and vast ecosystem of existing libraries. Both programming languages are important and both of them play crucial role in IT and network infrastructure management. So if you are good with Python, learn Go (Golang) using our blog series.
And if you are not, or you want to have good intro to IT and network automation holistically, enroll to our training programms:
We offer the following training programs in network automation for you:
Auto-expanding aliases in Zsh
To avoid needless typing, the fish shell features command abbreviations to expand some words after pressing space. We can emulate such a feature with Zsh:
# Definition of abbrev-alias for auto-expanding aliases typeset -ga _vbe_abbrevations abbrev-alias() { alias $1 _vbe_abbrevations+=(${1%%\=*}) } _vbe_zle-autoexpand() { local -a words; words=(${(z)LBUFFER}) if (( ${#_vbe_abbrevations[(r)${words[-1]}]} )); then zle _expand_alias fi zle magic-space } zle -N _vbe_zle-autoexpand bindkey -M emacs " " _vbe_zle-autoexpand bindkey -M isearch " " magic-space # Correct common typos (( $+commands[git] )) && abbrev-alias gti=git (( $+commands[grep] )) && abbrev-alias grpe=grep (( $+commands[sudo] )) && abbrev-alias suod=sudo (( $+commands[ssh] )) && abbrev-alias shs=ssh # Save a few keystrokes (( $+commands[git] )) && abbrev-alias gls="git ls-files" (( $+commands[ip] )) && { abbrev-alias ip6='ip -6' abbrev-alias ipb='ip -brief' } # Hard to remember options (( $+commands[mtr] )) && abbrev-alias mtrr='mtr -wzbe'
Here is a demo where gls is expanded to git ls-files after pressing space:
gls to git ls-filesI don’t auto-expand all aliases. I keep using regular aliases when slightly modifying the behavior of a command or for well-known abbreviations:
alias df='df -h' alias du='du -h' alias rm='rm -i' alias mv='mv -i' alias ll='ls -ltrhA'
Broadcom And Marvell Ride The Compute Engine Independence Wave
Nvidia sells the lion’s share of the parallel compute underpinning AI training, and it has a very large – and probably dominant – share of AI inference. …
Broadcom And Marvell Ride The Compute Engine Independence Wave was written by Timothy Prickett Morgan at The Next Platform.
HN771: Is The CCIE Still Worth It In 2025?
The CCIE remains the gold standard for networking certifications. But these days there are lots of other avenues for developing your skills and advancing your networking career, including network automation, cloud networking, and yes, even AI. So is the CCIE still worth it? We chew on this topic with Eman Conde. Eman has been known... Read more »TNO019: A Look At NetOps Inside a Colocation Facility
Ever wonder what network operations are like inside a colocation facility? Today we talk with Scott Brookshire, CTO of OpenColo. Scott shares his journey into networking, how OpenColo was founded, and the evolution of the company from a few servers to a significant data center operation. We delve into what it means to run a... Read more »Dynamically optimize, clip, and resize video from any origin with Media Transformations
Today, we are thrilled to announce Media Transformations, a new service that brings the magic of Image Transformations to short-form video files wherever they are stored.
Since 2018, Cloudflare Stream has offered a managed video pipeline that empowers customers to serve rich video experiences at global scale easily, in multiple formats and quality levels. Sometimes, the greatest friction to getting started isn't even about video, but rather the thought of migrating all those files. Customers want a simpler solution that retains their current storage strategy to deliver small, optimized MP4 files. Now you can do that with Media Transformations.
For customers with a huge volume of short video, such as generative AI output, e-commerce product videos, social media clips, or short marketing content, uploading those assets to Stream is not always practical. Furthermore, Stream’s key features like adaptive bitrate encoding and HLS packaging offer diminishing returns on short content or small files.
Instead, content like this should be fetched from our customers' existing storage like R2 or S3 directly, optimized by Cloudflare quickly, and delivered efficiently as small MP4 files. Cloudflare Images customers reading this will note that this sounds just like their existing Image Transformation Continue reading