EVPN-VXLAN Explainer 4 – Route Type Three and Auto-Discovery

EVPN-VXLAN Explainer 4 - Route Type Three and Auto-Discovery

In this post we will have a look at another EVPN Route Type, that being RT-3, which goes by the rather opaque name of 'Inclusive Multicast Ethernet Tag'; and look at how it is used to ensure EVPN peers flood traffic to those neighbours that need it.
Firstly, we'll look at EVPN packet forwarding to provide some context around why this Route Type is important, then we will dive into its details, with all the usual show commands, packet captures and plethora of RFC name drops.

EVPN Packet Forwarding

Let's start off by running through EVPN Packet forwarding, for that we need an example network.

Example Network

  • For this post, we'll use a slightly larger network, this time with three switches.
  • As shown in Figure 1 below, this consists of three Aruba 6300s, all configured for OSPF and EVPN.
  • To emulate customer workloads, I have a physical linux server attached to each 6300. I have configured the interconnecting port as a trunk to generate traffic in different VLANs.
  • Each node is configured with customer-faced VLAN 10, which is bound to VNI 1010.
  • However, only two of the three peers, 6300-1 and 6300-2, are configured with a second VLAN and VNI, Continue reading

Can Broadcom + VMware move enterprise networking forward?

Broadcom's planned acquisition of VMware could open opportunities to reach enterprise and telco companies alike with innovative technology. The question is whether Broadcom will let VMware further develop tools for 5G, software-defined networking (SDN), and other technologies.Semiconductor manufacturer and infrastructure software vendor Broadcom confirmed Thursday that it has reached an agreement to buy VMware in a deal worth roughly $61 billion in stock and cash, subject to closing conditions, including regulatory and shareholder approval.To read this article in full, please click here

How will Broadcom and VMware move enterprise networking forward?

Broadcom's planned acquisition of VMware might open opportunities to reach enterprise and telco companies alike with innovative technology. The question is whether Broadcom will give VMware the opportunity to further develop 5G, SDN (software-defined networking), multicloud management and other networking tools.Semiconductor manufacturer and infrastructure software vendor Broadcom confirmed Thursday that it has reached an agreement to buy VMware in a deal worth roughly $61 billion in stock and cash, subject to customary closing conditions, including regulatory and shareholder approval.To read this article in full, please click here

Pros and Cons of Radio Networking

Radio networking is a wireless communication method that uses radio waves to connect devices. It is commonly used in computer networks, cell phone networks, and other devices that need to communicate wirelessly.

Radio networking is often used in situations where it is not possible or convenient to use wired networking, such as in mobile or portable applications. Radio networking can be either peer-to-peer or infrastructure. 

In peer-to-peer networking, each device acts as both a transmitter and receiver, and there is no central access point. Infrastructure networking uses one or more access points that act as repeaters, amplifiers, and signal boosters to extend the range of the network. 

Advantages of radio networking

Radio networking has many advantages over other types of wireless communication. It is very reliable and can work in a variety of environments. Radio networking is also very secure and can be encrypted to protect data. Radio networking is also very fast and can support high-speed data transfers.

Low start-up costs

One of the biggest advantages of radio networking is that it has very low start-up costs. All you need is a radio transmitter and receiver, and you can start communicating.

This makes radio networking ideal for Continue reading

Cloudflare’s approach to handling BMC vulnerabilities

Cloudflare’s approach to handling BMC vulnerabilities
Cloudflare’s approach to handling BMC vulnerabilities

In recent years, management interfaces on servers like a Baseboard Management Controller (BMC) have been the target of cyber attacks including ransomware, implants, and disruptive operations. Common BMC vulnerabilities like Pantsdown and USBAnywhere, combined with infrequent firmware updates, have left servers vulnerable.

We were recently informed from a trusted vendor of new, critical vulnerabilities in popular BMC software that we use in our fleet. Below is a summary of what was discovered, how we mitigated the impact, and how we look to prevent these types of vulnerabilities from having an impact on Cloudflare and our customers.

Background

A baseboard management controller is a small, specialized processor used for remote monitoring and management of a host system. This processor has multiple connections to the host system, giving it the ability to monitor hardware, update BIOS firmware, power cycle the host, and many more things.

Cloudflare’s approach to handling BMC vulnerabilities

Access to the BMC can be local or, in some cases, remote. With remote vectors open, there is potential for malware to be installed on the BMC from the local host via PCI Express or the Low Pin Count (LPC) interface. With compromised software on the BMC, malware or spyware could maintain persistence on the server.

Cloudflare’s approach to handling BMC vulnerabilities

Continue reading

What’s new in Ansible Automation Platform 2.2

 

aap2.2

The Ansible product team at Red Hat is thrilled to announce the general availability of Red Hat Ansible Automation Platform 2.2, which includes numerous features and bug fixes that further solidify Ansible Automation Platform as the de facto enterprise IT automation solution for developers to operations teams in data centers, clouds, and at the edge. A few of the most noteworthy features in this release include:

  • New automation topology viewer in automation controller

  • Red Hat Ansible Certified Content Collections to be digitally signed in Ansible automation hub

  • Updated Ansible developer and creator tooling: ansible-navigator, ansible-lint, and VSCode language server support

  • Enhanced network automation Collections

  • Automation services catalog now available on-premise

  • Reporting and analytics of automation data are now further integrated and streamlined

  • Red Hat Enterprise Linux 9 support

Don’t forget to check out the product documentation including the release notes!

Automation topology viewer

Let’s face it, automating at enterprise scale is really hard. Although many features were added for the content creator and developer in Ansible Automation Platform 2, the automation operations teams are typically responsible for making sure automation is up and running as it should across all inventories, worldwide, with 24/7 availability and uptime. As enterprise Continue reading

How we treat content as a product

How we treat content as a product
How we treat content as a product

At Cloudflare, we talk a lot about how to help build a better Internet. On the Product Content Experience (PCX) team, we treat content like a product that represents and fulfills this mission. Our vision is to create world-class content that anticipates user needs and helps build accessible Cloudflare products. We believe we can impact the Cloudflare product experience and make it as wonderful as possible by intentionally designing, packaging, and testing the content.

What is “content like a product”?

I like taking on projects. A singular goal is met, and I clearly know I’m successful because the meaning of “done” is normally very clear. For example, I volunteer some of my time editing academic papers about technology. My role as an editor is temporary and there is a defined beginning and end to the work. I send my feedback and my task is largely complete.

“Content like a product” is when you shift your mindset from completing projects to maintaining a product, taking into consideration the user and their feedback. Product content at Cloudflare is an iterative, living, breathing thing. Inspired by the success of teams that adopt an agile mindset, along with some strategic functions you might find Continue reading

Kubernetes Unpacked 001: Prerequisites For Kubernetes Success

Welcome to the inaugural episode of Kubernetes Unpacked, a new podcast in the Packet Pushers Community Channel. The goal of this podcast is to help IT professionals understand Kubernetes: how it works; how and why it's used; how to deploy, operate, and manage the platform on premises and in the cloud; Kubernetes networking and security concepts; and more.

The post Kubernetes Unpacked 001: Prerequisites For Kubernetes Success appeared first on Packet Pushers.

Look to Google to solve looming data-center speed challenges

When you think of data-center networking, you almost certainly think of Ethernet switches. These gadgets have been the foundation of the data-center network for decades, and there are still more Ethernet switches sold into data-center applications than any other technology.  Network planners, though, are starting to see changes in applications, and those changes are suggesting that it’s time to think a bit harder about data center network options. Your data center is changing, and so should its network.To read this article in full, please click here

1 499 500 501 502 503 3,841