Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie
Today's Heavy Networking discusses the notion of looking at, and learning about, networking via a systems approach. Our guest is Dr. Bruce Davie who's had a long career in networking, has written numerous IETF RFCs, and is the author of a new set of free books on networking and computer systems.Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie
Today's Heavy Networking discusses the notion of looking at, and learning about, networking via a systems approach. Our guest is Dr. Bruce Davie who's had a long career in networking, has written numerous IETF RFCs, and is the author of a new set of free books on networking and computer systems.
The post Heavy Networking 604: Taking A Systems Approach To Networking With Bruce Davie appeared first on Packet Pushers.
Technology Short Take 147
Welcome to Technology Short Take #147! The list of articles is a bit shorter than usual this time around, but I’ve still got a good collection of articles and posts covering topics in networking, hardware (mostly focused on Apple’s processors), cloud computing, and virtualization. There’s bound to be something in here for most everyone! (At least, I hope so.) Enjoy your weekend reading!
Networking
- Chris Parker shares the reason why 65535 is not part of the private autonomous system range. It’s an interesting history lesson and explanation, even if you aren’t a networking nerd.
- Dmytro Shypovalov discusses ARP problems in EVPN. I laughed at his comment regarding people stepping on rakes (read the post).
- Evgeny Khabarov’s part 4 in a series on using Envoy as an API gateway talks about authentication and authorization (aka AuthN/AuthZ). In particular, Khabarov focuses on Envoy’s
ext_authzfilter, which is what allows Envoy to check with an authorization service to see if a request is permitted or denied. - I was having a bit of difficulty fully grokking the Original Destination feature in Envoy, and I found this article to be helpful in understanding how it works and is configured. Another very helpful resource on Continue reading
Getting In Front of Future Regret
Yesterday I sat in on the keynote from Commvault Connections21 and participated in a live blog of it on Gestalt IT. There was a lot of interesting info around security, especially related to how backup and disaster recovery companies are trying to add value to the growing ransomware issue in global commerce. One thing that I did take away from the conversation wasn’t specifically related to security though and I wanted to dive into a bit more.
Reza Morakabati, CIO for Commvault, was asked what he thought teams needed to do to advance their data strategy. And his response was very insightful:
Ask your team to imagine waking up to hear some major incident has happened. What would their biggest regret be? Now, go to work tomorrow and fix it.
It’s a short, sweet, and powerful sentence. Technology professionals are usually focused on implementing new things to improve productivity or introduce new features to users and customers. We focus on moving fast and making people happy. Security is often seen as running counter to this ideal. Security wants to keep people safe and secure. It’s not unlike the parents that hold on to their child’s bicycle after the training wheels Continue reading
Nonlinear Effects of Optimization-Induced Complexity
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Minh Ha on recent Facebook failure and overly complex systems (slightly edited).
I incidentally commented on your NSF post some 3 weeks before […the Facebook outage…] happened, on the unpredictable nature of nonlinear effects resulting from optimization-induced complexity. Their outage just drives home the point that optimization is a dumb process and leads to combinations of circular dependency that no one can account for and test.
Nonlinear Effects of Optimization-Induced Complexity
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Minh Ha on recent Facebook failure and overly complex systems (slightly edited).
I incidentally commented on your NSF post some 3 weeks before […the Facebook outage…] happened, on the unpredictable nature of nonlinear effects resulting from optimization-induced complexity. Their outage just drives home the point that optimization is a dumb process and leads to combinations of circular dependency that no one can account for and test.
On DNS Openness
How open is the DNS market? This is q question that is not just about barriers to competitive entry for new providers into the market. There is more to this question about the use of markets as a signalling mechanism across a diverse collection of intertwined producers and consumers. How effective is the market as a signalling mechanism across these entities? Is the market providing clear signals that allows orchestration of activity to support the evolution of a coherent and robust service? Is the market-driven evolution of the delivered product or service one that is chaotic and periodically disrupted?The Accelerated Path To Petabyte-Scale Graph Databases
Database acceleration using specialized co-processors is nothing new. Just to give a few examples, data warehouses running on the Netezza platform, owned by IBM for more than a decade now, uses a custom and parallelized PostgreSQL database matched to FPGA acceleration for database and storage routines. …
The Accelerated Path To Petabyte-Scale Graph Databases was written by Timothy Prickett Morgan at The Next Platform.
Peek Under the Hood: SE Labs NDR Test
Earlier this month, SE Labs awarded VMware the first ever AAA rating for Network Detection and Response (NDR)–highlighted by our ability to provide 100 percent protection from four major advanced and persistent (APT) groups across multi-cloud environments. The NDR test, the first of its kind, signified the changing threat landscape where enterprises need to identify and stop attackers inside the network where they are able to move freely to discover valuable information they can exfiltrate. Given expanding threat surfaces due to modern applications, work from anywhere and cloud transformation, the assumption is that attackers are likely already inside your network, making legacy cybersecurity tests focused solely on the perimeter increasingly-unsuitable assessments for protecting today’s modern enterprise.
According to the results from SE Labs, VMware NSX NDR provides 100 percent protection across multi-cloud environments from four major advanced and persistent threats (APT) groups—including FIN7&Carbanak, OilRig, APT3 and APT29—while returning zero false positives. This ability allows security operations teams to rapidly detect malicious activity and stop the lateral movement of threats inside the network.
Given that this is the first test of its kind, we wanted to give you a look under the hood to see how SE Labs used VMware NDR to detect all malicious network traffic and payloads from a specific threat group—OilRig – APT 34. Check out the Continue reading
Real-World HPC Gets the Benchmark It Deserves
While nothing can beat the notoriety of the long-standing LINPACK benchmark, the metric by which supercomputer performance is gauged, there is ample room for a more practical measure. …
Real-World HPC Gets the Benchmark It Deserves was written by Nicole Hemsoth at The Next Platform.
Audience Q+A: Gluware LiveStream Video [8/8]
Michael Haugh of Gluware joins Greg Ferro + Drew Conry-Murray of the Packet Pushers to discuss several questions that came in during the event. Most of them were technical, nerdy details. If you’re a network engineer, this Q&A is especially for you. If Gluware might be a fit for your network automation needs, visit here. […]
The post Audience Q+A: Gluware LiveStream Video [8/8] appeared first on Packet Pushers.
A Look Inside Modern Design Principles for Secure Boot in CPU Hardware
Secure boot features are typically customizable and capable of being turned on or off by the OEM. The question then arises of which mode should be the default.Boost your cloud-native deployments with Red Hat OpenShift
Cloud-native deployments are becoming the new normal. Being able to keep full control of the application lifecycle (deployment, updates, and integrations) is a strategic advantage. This article will explain how the latest release of the Ansible Content Collection for Red Hat OpenShift takes the redhat.openshift Collection to the next level, improving the performance of large automation tasks.
Red Hat OpenShift collection at a glance
The latest release of the redhat.openshift Collection introduces Ansible Turbo mode. Ansible Turbo mode enhances the performance of Ansible Playbooks when manipulating many Red Hat OpenShift objects. This is done by reusing existing API connections to handle new incoming requests, removing the overhead of creating a new connection for each request.
A real-world scenario
Red Hat OpenShift has become a leading platform that can handle many workloads in large enterprises dealing with multi-tenancy clusters. These are great candidates when different users, teams, and/or organizations are looking to run and operate in a shared environment.
One of the best features of Red Hat OpenShift is the capability to quickly and easily create and destroy resources (e.g., namespace, ConfigMaps, Pod). Even with relatively light usage, deploying each one Continue reading
Big Picture: BFD, Non-Stop Forwarding, and Graceful Restart
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Erik Auerswald’s excellent summary of BFD, NSF, and GR.
I’d suggest to step back a bit and consider the bigger picture: What is BFD good for? What is GR/NSF/NSR/SSO good for?
BFD and GR/NSF/NSR/SSO have different goals: one enables quick fail over, the other prevents fail over. Combining both promises to be interesting.
Big Picture: BFD, Non-Stop Forwarding, and Graceful Restart
We have school holidays this week, so I’m reposting wonderful comments that would otherwise be lost somewhere in the page margins. Today: Erik Auerswald’s excellent summary of BFD, NSF, and GR.
I’d suggest to step back a bit and consider the bigger picture: What is BFD good for? What is GR/NSF/NSR/SSO good for?
BFD and GR/NSF/NSR/SSO have different goals: one enables quick fail over, the other prevents fail over. Combining both promises to be interesting.
Intel Aims For Zettaflops By 2027, Pushes Aurora Above 2 Exaflops
Just because Intel is no longer interested in being a prime contractor on the largest supercomputing deals in the United States and Europe – China and Japan are drawing their own roadmaps and building their own architectures – does not mean that Intel does not have aspirations in HPC and AI supercomputing. …
Intel Aims For Zettaflops By 2027, Pushes Aurora Above 2 Exaflops was written by Timothy Prickett Morgan at The Next Platform.