When a BGP router cannot fit the whole BGP table into its forwarding table (FIB), we often use inbound filters to limit the amount of information the device keeps in its BGP table. That’s usually a waste of resources:
Wouldn’t it be better for the device with an inbound filter to push that filter to its BGP neighbors?
Economic and technical forces have a kind of momentum that keeps them growing even as any new technology goes through its inevitable hype cycle from innovation to inflated expectations to disillusionment to deployment into productivity. …
GenAI Boom: Datacenter Spending Forecast Raised Again was written by Timothy Prickett Morgan at The Next Platform.
COMMISSIONED: Among the many tough decisions IT leaders face is where to best host AI workloads. …
How Enterprise AI Can Ease The Data Gravity Burden was written by Timothy Prickett Morgan at The Next Platform.
I just wasted several days trying to figure out how to make the dozen (or so) platforms for which we implemented VRRPv3 in netlab work together. This is the first in a series of blog posts describing the ridiculous stuff we discovered during that journey
The idea was pretty simple:
The dependency dance between AI pioneer OpenAI and the Microsoft Azure cloud and the application software divisions of its parent company are fascinating to watch. …
OpenAI Declares Its Hardware Independence (Sort Of) With Stargate Project was written by Timothy Prickett Morgan at The Next Platform.
The believers in the There Be Four Layers religion think everything below IP is just a blob of stuff dealing with physical things:
People steeped in a slightly more nuanced view of the world in which IP is not the centerpiece of the universe might tell you that the blob of stuff we need is two things:
The University of Stuttgart’s High Performance Computing Center (HLRS) in Germany tapped Hewlett Packard Enterprise back in December 2023 to build a prototype hybrid CPU-GPU supercomputer nicknamed “Hunter” to pave the way towards an exascale-class machine it is budgeting to have installed in 2027 called “Herder.” …
HLRS Takes First Steps To Exascale was written by Timothy Prickett Morgan at The Next Platform.
If you follow my blogs, you might know that I recently switched to Proxmox from VMware Workstation Pro for my home lab. I’ve already migrated most of my VMs, including Cisco CML, to Proxmox, and the last piece left was EVE-NG. In this blog post, we’ll go through the steps to install EVE-NG in Proxmox. Let’s get started!
As always, if you find this post helpful, press the ‘clap’ button on the left. It means a lot to me and helps me know you enjoy this type of content.
EVE-NG doesn’t have official documentation for Proxmox, but it works perfectly fine, and I haven’t faced any issues so far. For this example, I’m using
Most of the VM’s settings can be left at their default values, but there are a couple of changes I had to make. Before diving in, let's have a quick look at Nested Virtualization.
Nested virtualization allows you to run virtual machines Continue reading
Welcome to the 20th edition of the Cloudflare DDoS Threat Report, marking five years since our first report in 2020.
Published quarterly, this report offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the fourth quarter of 2024 and look back at the year as a whole.
When we published our first report, Cloudflare’s global network capacity was 35 Terabits per second (Tbps). Since then, our network’s capacity has grown by 817% to 321 Tbps. We also significantly expanded our global presence by 65% from 200 cities in the beginning of 2020 to 330 cities by the end of 2024.
Using this massive network, we now serve and protect nearly 20% of all websites and close to 18,000 unique Cloudflare customer IP networks. This extensive infrastructure and customer base uniquely positions us to provide key insights and trends that benefit the wider Internet community.
In 2024, Cloudflare’s autonomous DDoS defense systems blocked around 21.3 million DDoS attacks, representing a 53% increase compared to 2023. On average, in 2024, Cloudflare blocked 4,870 Continue reading
The United States ban on TikTok went into effect on January 19, 2025, and although service began to be restored after just 14 hours, it was only close to the inauguration of Donald Trump as the 47th President of the United States that associated DNS traffic started to recover to closer to previous levels. In this post, we analyze the events of January 19 and 20, and what they meant for TikTok-related DNS traffic, but also other competitors (including their growth outside the US).
For context, we wrote an initial blog post about the TikTok ban on Sunday, January 19, 2025. The ban was part of the "Protecting Americans from Foreign Adversary Controlled Applications Act," proposed in Congress, which ordered ByteDance to divest due to alleged security concerns. The bill was signed into law by Congress and President Biden in April 2024, and was upheld by the Supreme Court on January 17, 2025.
Aggregated data from our 1.1.1.1 DNS resolver shows — as we’ve posted on social media — that the TikTok shutdown in the US began to impact DNS traffic to TikTok-related domains on January 19, just after 03:30 UTC (22:30 ET on January Continue reading
Whenever I was explaining how one could build EBGP-only data center fabrics, someone would inevitably ask, “But could you do that with IBGP?”
TL&DR: Of course, but that does not mean you should.
Anyway, leaving behind the land of sane designs, let’s trot down the rabbit trail of IBGP-only networks.
One of the goals we’re always trying to achieve when developing netlab features is to make the lab topologies as concise as possible1. Among other things, netlab supports numerous ways of describing links between lab devices, allowing you to be as succinct as possible.
A bit of a background first: