0

New Webinar: Internet Routing Security

I’m always in a bit of a bind when I get an invitation to speak at a security conference (after all, I know just enough about security to make a fool of myself), but when the organizers of the DEEP Conference invited me to talk about Internet routing security I simply couldn’t resist – the topic is dear and near to my heart, and I planned to do a related webinar for a very long time.

Even better, that conference would have been my first on-site presentation since the COVID-19 craze started, and I love going to Dalmatia (where the conference is taking place). Alas, it was not meant to be – I came down with high fever just days before the conference and had to cancel the talk.

0

IBM’s AI Accelerator: This Had Better Not Be Just A Science Project

Big Blue was one of the system designers that caught the accelerator bug early and declared rather emphatically that, over the long haul, all kinds of high performance computing would have some sort of acceleration. …

IBM’s AI Accelerator: This Had Better Not Be Just A Science Project was written by Timothy Prickett Morgan at The Next Platform.

0

What is SD-WAN, and what does it mean for networking, security, cloud?

The most important change to wide-area networking over the past few years has been the widespread deployment of software-defined WAN technology, (SD-WAN), which changes how networking professionals optimize and secure WAN connectivity.What is SD-WAN? SD-WAN uses software to control the connectivity, management and services between data centers, remote offices and cloud resources. Like its technology brother software-defined networking (SDN), SD-WAN works by decoupling the control plane from the data plane.To read this article in full, please click here

0

Automation: How to streamline a networkwide switch upgrade

Automation can make a big difference in repetitive networking tasks, and that’s just what we did to streamline an enterprise switch upgrade using scripts we created with Python and a set of open-source tools.The project reaped several benefits, three of which were eliminating much human error inherent in the manual process, faster deployment overall, and significant cost savings.Upgrading a large, switched network is always a challenge. The typical solution is to carefully document the old switch configurations and the wiring to the patch panel, then manually configure the new switches and replace the wiring. The endpoints must be carefully tracked so they are assigned to the appropriate VLAN and have the correct interface configuration.To read this article in full, please click here

0

Service Mesh And Ingress In Kubernetes Lesson 7: Create An Ingress Controller In The Cloud – Video

This video walks through how to set up an NGINX ingress controller in AWS and Azure. Michael Levan brings his background in system administration, software development, and DevOps to this video series. He has Kubernetes experience as both a developer and infrastructure engineer. He’s also a consultant and Pluralsight author, and host of the “Kubernetes […]

The post Service Mesh And Ingress In Kubernetes Lesson 7: Create An Ingress Controller In The Cloud – Video appeared first on Packet Pushers.

0

The Benefits Of Frustration

When you start a career you are inexperienced and somewhat immature, but also hungry for new experiences. Someone sees your potential and holds your hand, mentors you, and you appreciate it. But because you’re new, you think the final responsibility will be someone else’s. In short, you do not know what’s in store for you. […]

The post The Benefits Of Frustration appeared first on Packet Pushers.

0

Day Two Cloud 168: Get Kubernetes Observability With AppDynamics Cloud (Sponsored)

Today's Day Two Cloud podcast, sponsored by AppDynamics, explores how AppDynamics Cloud brings observability to your Kubernetes deployments by ingesting and visualizing all metrics, events, log and trace data from across your cloud and on-prem landscapes.

0

Day Two Cloud 168: Get Kubernetes Observability With AppDynamics Cloud (Sponsored)

Today's Day Two Cloud podcast, sponsored by AppDynamics, explores how AppDynamics Cloud brings observability to your Kubernetes deployments by ingesting and visualizing all metrics, events, log and trace data from across your cloud and on-prem landscapes.

The post Day Two Cloud 168: Get Kubernetes Observability With AppDynamics Cloud (Sponsored) appeared first on Packet Pushers.

0

Making peering easy with the new Cloudflare Peering Portal

In 2018, we launched the Cloudflare Peering Portal, which allows network operators to see where your traffic is coming from and to identify the best possible places to interconnect with Cloudflare. We’re excited to announce that we’ve made it even easier to interconnect with Cloudflare through this portal by removing Cloudflare-specific logins and allowing users to request sessions in the portal itself!

We’re going to walk through the changes we’ve made to make peering easier, but before we do that, let’s talk a little about peering: what it is, why it’s important, and how Cloudflare is making peering easier.

What is peering and why is it important?

Put succinctly, peering is the act of connecting two networks together. If networks are like towns, peering is the bridges, highways, and streets that connect the networks together. There are lots of different ways to connect networks together, but when networks connect, traffic between them flows to their destination faster. The reason for this is that peering reduces the number of Border Gateway Protocol (BGP) hops between networks.

What is BGP?

For a quick refresher, Border Gateway Protocol (or BGP for short) is a protocol that propagates instructions on how networks should Continue reading

0

Cisco Figures Out How To Sell Switches To Hyperscalers And Enterprises Alike

Selling hardware into the modern datacenter is no easy feat, particularly when the needs of hyperscalers and enterprises have long since diverged. …

Cisco Figures Out How To Sell Switches To Hyperscalers And Enterprises Alike was written by Jeffrey Burt at The Next Platform.

0

Why Do We Need IBGP Full Mesh?

Here’s another question from the excellent list posted by Daniel Dib on Twitter:

BGP Split Horizon rule says “Don’t advertise IBGP-learned routes to another IBGP peer.” The purpose is to avoid loops because it’s assumed that all of IBGP peers will be on full mesh connectivity. What is the reason the BGP protocol designers made this assumption?

Time for another history lesson. BGP was designed in late 1980s (RFC 1105 was published in 1989) as a replacement for the original Exterior Gateway Protocol (EGP). In those days, the original hub-and-spoke Internet topology with NSFNET core was gradually replaced with a mesh of interconnections, and EGP couldn’t cope with that.

0

Why Do We Need IBGP Full Mesh?

Here’s another question from the excellent list posted by Daniel Dib on Twitter:

BGP Split Horizon rule says “Don’t advertise IBGP-learned routes to another IBGP peer.” The purpose is to avoid loops because it’s assumed that all of IBGP peers will be on full mesh connectivity. What is the reason the BGP protocol designers made this assumption?

Time for another history lesson. BGP was designed in late 1980s (RFC 1105 was published in 1989) as a replacement for the original Exterior Gateway Protocol (EGP). In those days, the original hub-and-spoke Internet topology with NSFNET core was gradually replaced with a mesh of interconnections, and EGP couldn’t cope with that.

0

Cisco launches 10-year plan to train 25 million people in IT skills

As Cisco celebrates the 25th anniversary of Cisco Networking Academy, the company on Tuesday announced two new certifications and a plan to provide networking, cybersecurity and general IT  training to 25 million people over the next 10 years.The training will be done through the company's networking academy, an IT skills-to-jobs program that provides IT courses, learning simulators, and hands-on learning opportunities, supporting instructors and learners in 190 countries. To date, Cisco says more than 17.5 million global learners have taken Cisco Networking Academy courses to gain IT skills, with 95% of students attributing their post-course job or education opportunity to Cisco Networking Academy.To read this article in full, please click here

0

Cisco launches 10-year plan to train 25 million people in IT skills

As Cisco celebrates the 25th anniversary of Cisco Networking Academy, the company on Tuesday announced two new certifications and a plan to provide networking, cybersecurity and general IT  training to 25 million people over the next 10 years.The training will be done through the company's networking academy, an IT skills-to-jobs program that provides IT courses, learning simulators, and hands-on learning opportunities, supporting instructors and learners in 190 countries. To date, Cisco says more than 17.5 million global learners have taken Cisco Networking Academy courses to gain IT skills, with 95% of students attributing their post-course job or education opportunity to Cisco Networking Academy.To read this article in full, please click here

0

Fortinet’s SASE enhancements target remote-user access to private cloud, SaaS apps

New capabilities in Fortinet's secure access service edge (SASE) package are designed to help customers better secure their private and cloud-based assets.Fortinet added Secure Private Access and Secure SaaS Access features to its FortiSASE security platform, which includes SD-WAN, secure web gateway, firewall as a service, and zero-trust network access. All of Fortinet’s offerings run on top of its FortiOS operating system.To read this article in full, please click here

0

T-Mobile, Spectrum top mobile and fixed broadband speed test ratings

T-Mobile retained its place as the consensus fastest mobile data provider in the US, posting a median download speed of 116Mbps and outstripping Verizon and AT&T by a roughly two-fold margin in the latest market analysis report from network analysis firm Ookla. Additionally, the report—based on tests in the third quarter—found that Spectrum topped the rankings for fastest fixed broadband service, beating out Cox and Xfinity for the top spot with a median download speed of 211Mbps.The figures were gathered via Ookla’s online Speedtest website, which lets users test their internet connections for upload speed, download speed, latency and more.To read this article in full, please click here

0

HS035 Quiet Quitting Hustle Culture

Whats the deal with Quiet Quitting ? Johna & Greg get into a heated debate about the nature of work. Johna wants people to ‘do your job’, Greg wants ‘pay me more to do more’. How much can a companies expect from their employees as hustle culture is being rejected by more people.

0

HS035 Quiet Quitting Hustle Culture

Whats the deal with Quiet Quitting ? Johna & Greg get into a heated debate about the nature of work. Johna wants people to ‘do your job’, Greg wants ‘pay me more to do more’. How much can a companies expect from their employees as hustle culture is being rejected by more people.

The post HS035 Quiet Quitting Hustle Culture appeared first on Packet Pushers.

0

Internet disruptions overview for Q3 2022

Cloudflare operates in more than 275 cities in over 100 countries, where we interconnect with over 10,000 network providers in order to provide a broad range of services to millions of customers. The breadth of both our network and our customer base provides us with a unique perspective on Internet resilience, enabling us to observe the impact of Internet disruptions. In many cases, these disruptions can be attributed to a physical event, while in other cases, they are due to an intentional government-directed shutdown. In this post, we review selected Internet disruptions observed by Cloudflare during the third quarter of 2022, supported by traffic graphs from Cloudflare Radar and other internal Cloudflare tools, and grouped by associated cause or common geography. The new Cloudflare Radar Outage Center provides additional information on these, and other historical, disruptions.

Government directed shutdowns

Unfortunately, for the last decade, governments around the world have turned to shutting down the Internet as a means of controlling or limiting communication among citizens and with the outside world. In the third quarter, this was an all too popular cause of observed disruptions, impacting countries and regions in Africa, the Middle East, Asia, and the Caribbean.

Iraq

As Continue reading

0

How Calico CNI solves IP address exhaustion on Microsoft AKS

Companies are increasingly adopting managed Kubernetes services, such as Microsoft Azure Kubernetes Service (AKS), to build container-based applications. Leveraging a managed Kubernetes service is a quick and easy way to deploy an enterprise-grade Kubernetes cluster, offload mundane operations such as provisioning new nodes, upgrading the OS/Kubernetes, and scaling resources according to business needs.

AKS also provides a fault-tolerant Kubernetes control plane endpoint and automates the worker node maintenance and deployment process. With regards to networking within the cluster, AKS provides an integrated CNI to address basic Kubernetes networking requirements, such as configuring network interfaces and providing connectivity between pods. However, the basic container networking in Microsoft AKS comes with a limited set of IP addresses. As businesses grow, so does application usage. Having a limited set of IPs can cause scale, availability, and manageability challenges for Microsoft AKS users.

In this blog post, I will discuss IP address exhaustion on Microsoft AKS and how Calico can solve this issue. I will also explore how Calico can address scalability challenges and provide resources that can quickstart your journey in using Calico to solve IP address exhaustion on AKS.

Microsoft AKS BYOCNI

Earlier this year, Microsoft AKS introduced the ability to bring Continue reading