Automation 10. Installing NAPALM Community Driver for Nokia SRO OS and comparing NAPALM and OpenConfig/YANG.

Hello my friend,

In the previous blogpost we have compared the usage of NAPALM and OpenConfig YANG modules with NETCONF transport for Cisco IOS XR and Arista EOS. Those two operation systems are so called core operating systems for NAPALM and are included in its standard distribution. Besides them, other three (there are five core network operating systems in NAPALM) are Cisco IOS, Cisco Nexus, and Juniper Junos. You though can use NAPALM with other operating systems, if there are community drivers available. In today’s blogpost we cover installation and usage of NAPALM Community Driver for Nokia SR OS and its comparison against OpenConfig/YANG with NETCONF. 



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

How Is It Important to Know Python?

Recently we were engaged with one of our customers to help with OpenStack deployment. The first step for us was to build the lab, which could replicate the desired setup. The installation of OpenStack manually (there are means to automate that as Continue reading

Simplifying Multi-Cloud Networking: Stateless, Competitors See Opportunity In NaaS

This article was originally posted on Packet Pushers Ignition on May 12, 2021. To business executives and the IT subordinates seeking to appease them, being a cloud-first company is no longer enough. Now they feel compelled to be multi-cloud, on the premise that if one is good, two or more are better. Multi-cloud adherents believe […]

The post Simplifying Multi-Cloud Networking: Stateless, Competitors See Opportunity In NaaS appeared first on Packet Pushers.

Weekend Reads 012222


When you’re out and about, and especially when you’re traveling, you might find yourself feeling quite a bit of anxiety when logging into public Wi-Fi.


There are a lot of resources out there on Twitter, Reddit, and YouTube about this epic vulnerability. I wanted to create this post to summarize the main things I learned, ways to test it as pentester, and the mitigation controls that help prevent the exploitation of this vulnerability.


A Romanian vulnerability researcher has discovered more than 70 flaws in combinations of cloud applications and content delivery networks (CDNs) that could be used to poison the CDN caches and result in denial-of-service (DoS) attacks on the applications.


As we look ahead into 2022, the datacenter compute landscape is considerably richer than it was a decade ago.


In a perfectly regulated industry, both the industry and the public should be miffed at regulators for not fully supporting their issues.


One could argue that the last few years have highlighted some of the most pressing semiconductor industry issues but there are challenges on the horizon well beyond current supply chain and silicon manufacturing bottlenecks.


In light of recent incidents that impacted both information technology (IT) and operational technology Continue reading

The Demise of G-Suite

In case you missed it this week, Google is killing off the free edition of Google Apps/G-Suite/Workspace. The short version is that you need to convert to a paid plan by May 1, 2022. If you don’t you’re going to lose everything in July. The initial offering of the free tier was back in 2006 and the free plan hasn’t been available since 2012. I suppose a decade is a long time to enjoy custom email but I’m still a bit miffed at the decision.

Value Added, Value Lost

It’s pretty easy to see that the free version of Workspace was designed to encourage people to use it and then upgrade to a paid account to gain more features. As time wore on Google realized that people were taking advantage of having a full suite of 50 accounts and never moving, which is why 2012 was the original cutoff date. Now there has been some other change that has forced their hand into dropping the plan entirely.

I won’t speculate about what’s happening because I’m sure it’s complex and tied to ad revenue and privacy restrictions that people are implementing that is reducing the value of the data Google has Continue reading

Emotet Is Not Dead (Yet)

The state of cyber security is a typical example of a cat-and-mouse game between hackers and defenders. Sometimes, a threat that appears to be under control, if not completely mitigated, comes back with a vengeance. This is exactly what happened to Emotet.   

It has been just about a year since the Emotet botnet was taken down, thanks to the international efforts of multiple law enforcement agencies. But the silence from Emotet attackers did not last long. Late last year, we saw report on the resurface of Emotet distributed by Trickbot. Recently VMware’s Threat Analysis Unit saw another Emotet campaign—where the attacks leveraged the increasingly abused Excel 4.0 (XL4) macros to spread Emotet payloads.  

In this blog post, we investigate the first stage of the recent Emotet attacks by analyzing one of the samples from the recent campaign and reveal novel tactics, techniques, and procedures (TTPs) that were not used by Emotet in the past.

The Recent Emotet Campaign

Figure 1 shows the detection timeline of a recent Emotet campaign that affected some of our customers—mostly in the EMEA region. The campaign started on January 11 and peaked the next day before fading Continue reading

Follow Up: Bootstrapping Servers into Ansible

Seven years ago, I wrote a quick post on bootstrapping servers into Ansible. The basic gist of the post was that you can use variables on the Ansible command-line to specify hosts that aren’t part of your inventory or log in via a different user (useful if the host doesn’t yet have a dedicated Ansible user account because you want to use Ansible to create that account). Recently, though, I encountered a situation where this approach doesn’t work, and in this post I’ll describe the workaround.

In one of the Slack communities I frequent, someone asked about using the approach described in the original blog post. However, they were having issues connecting. Specifically, this error was cropping up in the Ansible output (names have been changed to protect the innocent):

fatal: [new-server.int.domain.test]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", "unreachable": true}

Now, this is odd, because the Ansible command-line being executed included the parameters I mentioned in the original blog post:

ansible-playbook bootstrap.yml -i inventory/hosts -K --extra-vars "hosts=new-server.int.domain.test user=john"

For some reason, though, it was ignoring that parameter and Continue reading

BrandPost: FedRAMP Helps Secure Federal and Other Networks as They Transition to Cloud

By: Dolan Sullivan, Vice President of Federal at Aruba, a Hewlett Packard Enterprise company.Recently, it seems like you can’t go more than a few days without hearing about another significant cyberattack. From oil pipelines and meat producers to hospitals and city water supplies, no segment of our nation’s critical infrastructure is immune to hackers. As bad actors become more daring in their targets and more creative with their exploits, securing people, places, and things—wherever they are—has never been more urgent for Federal IT leaders.Against this backdrop of unprecedented cyberattacks on our nation, other factors are contributing to the increased need for more robust security measures and policies to protect our Federal networks. For example, telework continues out of necessity, and in some cases, staff preference. Adoption of smart controls for equipment, physical access to facilities, environmental management, and other uses of IoT, is growing. Improving cybersecurity to protect the Federal government networks is an Executive Order. And, the uptake of cloud apps and services has accelerated.To read this article in full, please click here

Lessons Learned from 6 Years of IO Scheduling at ScyllaDB

Pavel (Xemul) Emelyanov Pavel is a principal engineer at ScyllaDB. He is an ex-Linux kernel hacker now speeding up row cache, tweaking the IO scheduler and helping to pay back technical debt for component interdependencies. Scheduling requests of any kind always serves one purpose: gain control over the priorities of those requests. In the priority-less system, there’s no need to schedule; just putting whatever arrives into the queue and waiting until it finishes is enough. I’m a principal engineer for

Heavy Networking 614: eBPF, Cloud-Native Networking, And Other Modern Networking Trends

Today's Heavy Networking gets deep in the guts of what’s going on with all the modern trends in networking: cloud-native, containers, eBPF, Kubernetes, DPUs, and so on. Guests Brent Salisbury and Dave Tucker give their insider’s view of developments in cutting-edge networking tech. You’ll walk away with a better idea of what to pay attention to in the months and years to come.

Heavy Networking 614: eBPF, Cloud-Native Networking, And Other Modern Networking Trends

Today's Heavy Networking gets deep in the guts of what’s going on with all the modern trends in networking: cloud-native, containers, eBPF, Kubernetes, DPUs, and so on. Guests Brent Salisbury and Dave Tucker give their insider’s view of developments in cutting-edge networking tech. You’ll walk away with a better idea of what to pay attention to in the months and years to come.

The post Heavy Networking 614: eBPF, Cloud-Native Networking, And Other Modern Networking Trends appeared first on Packet Pushers.

Internet outage in Yemen amid airstrikes

Internet outage in Yemen amid airstrikes

The early hours of Friday, January 21, 2022, started in Yemen with a country-wide Internet outage. According to local and global news reports airstrikes are happening in the country and the outage is likely related, as there are reports that a telecommunications building in Al-Hudaydah where the FALCON undersea cable lands was hit.

Cloudflare Radar shows that Internet traffic dropped close to zero between 21:30 UTC (January 20, 2022) and by 22:00 UTC (01:00 in local time).

Internet outage in Yemen amid airstrikes

The outage affected the main state-owned ISP, Public Telecommunication Corporation (AS30873 in blue in the next chart), which represents almost all the Internet traffic in the country.

Internet outage in Yemen amid airstrikes

Looking at BGP (Border Gateway Protocol) updates from Yemen’s ASNs around the time of the outage, we see a clear spike at the same time the main ASN was affected ~21:55 UTC, January 20, 2022. These update messages are BGP signalling that Yemen’s main ASN was no longer routable, something similar to what we saw happening in The Gambia and Kazakhstan but for very different reasons.

Internet outage in Yemen amid airstrikes

So far, 2022 has started with a few significant Internet disruptions for different reasons:

1. An Internet outage in The Gambia because of a cable problem.
2. An Internet Continue reading

Technology Short Take 151

Welcome to Technology Short Take #151, the first Technology Short Take of 2022. I hope everyone had a great holiday season and that 2022 is off to a wonderful start! I have a few more links than normal this time around, although I didn’t find articles in a couple categories. Don’t worry—I’ll keep my eyes peeled and my RSS reader ready to pull in new articles in those categories for next time. And now for the content!

Networking

Servers/Hardware

Video: Machine Learning Techniques

After Javier Antich walked us through the AI/ML hype and described the basics of machine learning it was time for a more thorough look at:

  • Machine learning techniques, including unsupervised learning (clustering and anomaly detection), supervised learning (regression, classification and generation) and reinforced learning
  • Machine learning implementations, including neural networks, deep neural networks and convolutional neural networks.
Watch the video
You need Free ipSpace.net Subscription to access this webinar.

Video: Machine Learning Techniques

After Javier Antich walked us through the AI/ML hype and described the basics of machine learning it was time for a more thorough look at:

  • Machine learning techniques, including unsupervised learning (clustering and anomaly detection), supervised learning (regression, classification and generation) and reinforced learning
  • Machine learning implementations, including neural networks, deep neural networks and convolutional neural networks.
Watch the video
You need Free ipSpace.net Subscription to access this webinar.

Juniper Networks’ SD-WAN Can Now Be Operated Via Mist Cloud

Juniper Networks’ SD-WAN appliances and software can now be fully managed from Juniper’s Mist Cloud. It’s part of Juniper’s larger goal to Mist-ify its LAN and WAN portfolio. Juniper’s SD-WAN product is based on the Session Smart Routers (SSRs) from Juniper’s acquisition of 128 Technology. Customers can now use Mist Cloud to onboard SSR hardware, […]

The post Juniper Networks’ SD-WAN Can Now Be Operated Via Mist Cloud appeared first on Packet Pushers.

1 587 588 589 590 591 3,841