NetworkingNexus.net

Cloudflare customers on Free plans can now also get real-time DDoS alerts

We’re excited to announce that customers using our Free plan can now get real-time alerts about HTTP DDoS attacks that were automatically detected and mitigated by Cloudflare. The real-time DDoS alerts were originally announced over a year ago but were made available to customers on the Pro plan or higher. This announcement extends the DDoS alerts feature to Free plan users. You can read the original announcement blog post here.

What is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is a cyber-attack that attempts to disrupt your online business. Whether your business relies on VoIP servers, UDP-based gaming servers, or HTTP servers, DDoS attacks can be used to disrupt any type of Internet property, server, or network.

In this blog post, we’ll focus on DDoS attacks that target HTTP servers. Whether your HTTP server is powering a mobile app, an eCommerce website, an API gateway, or any other HTTP application, if an attacker sends you more requests than it can handle, your server won't be able to serve your real users. A flood of requests can cause service disruptions or even take your entire server offline. DDoS attacks can have real-world consequences such as a blow to Continue reading

5 Ways to Protect Your Identity Online

One of the most important things to protect in this day and age is your identity. We live in a world where our personal information is constantly at a risk of being stolen, so it’s important to take precautions to prevent that from happening. With all the data breaches lately, it has become clear that we need to put more effort into protecting ourselves online. It’s no secret that the internet is a dangerous place. With the amount of personal information we share online, it can be easy to become a target for hackers and scammers. To help you protect your identity online, here are 5 ways you can stay protected on the internet.

Avoid Public Wi-Fi

One of the easiest ways to get hacked online is by using public Wi-Fi. Anyone can monitor your traffic when you’re connected to a public network, which means they could steal any data that’s sent over it. This includes usernames and passwords for all the different accounts you have on sites like Facebook or Gmail. Hackers are known to set up fake networks in order to gain access into people’s private information.

Be Careful With Your Social Media Accounts

Social media has Continue reading

Lenovo expands edge computing portfolio with AI-focused Nvidia GPUs

Lenovo’s latest addition to the ThinkEdge portfolio of edge-computing devices packs Nvidia GPUs with AI capabilities into a ruggedized design that’s roughly the size of a laptop.The ThinkEdge SE450 is a 2U, 300mm (12 inches) unit that includes a third-generation Xeon Platinum processor and up to four single-width or two double-width GPUs, along with six NVMe SSDs and 1TB of DDR4 memory, making it one of the first Nvidia-certified Edge systems. There is also a slightly larger model that’s 360mm (14.2 inches). Read more: 4 essential edge-computing use casesTo read this article in full, please click here

Lenovo expands edge computing portfolio with AI-focused Nvidia GPUs

Running IS-IS over Unnumbered Ethernet Interfaces

Last time we figured out that we cannot run OSPF over unnumbered interfaces that are not point-to-point links because OSPF makes assumptions about interface IP addresses. IS-IS makes no such assumptions; IPv4 and IPv6 prefixes are just a bunch of TLVs exchanged between routers over a dedicated layer-3 protocol with ridiculously long network addresses.

Could we thus build a totally unnumbered IP network with IS-IS even when the network contains multi-access segments? It depends:

Running IS-IS over Unnumbered Ethernet Interfaces

Could we thus build a totally unnumbered IP network with IS-IS even when the network contains multi-access segments? It depends:

Five Benefits of Software-Defined Network Security

Software-defined network security will help bring about other security trends, such as zero-trust network access and increased cloud adoption.

Fundamentals of Discrete Event Simulation(DES)

Introduction

In the last blog, we looked at SIS/SIR epidemic modeling using Discrete event simulation. This post will cover some fundamental concepts of Discrete Event Simulation, look at a few basic examples to develop an understanding, and end with a simulation of M/M/1 queuing model.

To get started, let’s look at an elementary example.Assume that we want to estimate the probability of observing the head in an experiment of tossing a coin. We know that if the coin is not biased, then the likelihood of getting a head is 1/2. We also know that if I toss the coin two or three times, we may not get exactly 1/2. We expect that if we keep tossing the coin for a very long time, the average probability of getting heads will converge to 1/2.

Experiment

So let’s run the experiment 1000 times of tossing the coin, and we get 0.49 as the probability of getting head, which is very close to our expectation of 1/2.

import random
import numpy as np
n = 1000
observed = []

for i in range(n):
    outcome = random.choice(['Head', 'Tail'])
    if outcome == 'Head':
        observed. Continue reading

Automation 9. Comparing data collection with NAPALM and OpenConfig/YANG over NETCONF in Python for Cisco IOS XR and Arista EOS

Hello my friend,

We hope you have aa good festive period, celebrated Christmas and New Year with your family and friends, and started the new year. Some time ago we’ve discussed a comparison of NAPALM and OpenConfig at a high level and promised to share some details. Today you will see the details of data collection with NAPALM and NETCONF with OpenConfig YANG modules.


1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Where to Start with Automation?

Recently we have had an interesting webinar together with Rick Donato, my colleague from a Network Automation Industry. During the webinar we mapped various products existing in the automation (not only network, but in general) space and, you know what, there is indeed a huge amount of products. Therefore, when you are already a savvy in the automation world, you can benefit from them a lot. However, if you are just making first steps, you will be totally lost.

We want you to be a beneficiary Continue reading

The road to success is paved with…IPv4 over SRv6 over ISIS and BGP on SROS 21.10

🌁The road to success is paved with…IPv4 over SRv6 over ISIS and BGP on SR OS 21.10🌄

“One packet does not make SPRING” — yours truly

The IETF Source Packet Routing in Networking (SPRING) working group was created in 2013, shortly after my family and I emigrated from Europe to Canada. I can’t say I’ve ever been involved personally, I have heard about Segment Routing as a concept but hadn’t really done anything with it until now. Especially in the context of “SRv6” it regularly seems to get derided as a networking vendor ploy to sell more equipment — but while I can confirm nor deny the level of truth in that, I am technically intrigued.

For every problem there are countless solutions, and this is especially true in networking. Does the world really need Yet Another Method to send packets from A to B? The strive for simplicity would seem to imply a minimal amount of variations and protocols, but how can we know what “simple” looks like? This line of thinking inspired a challenge 🥶: Build the most complicated combination of protocols you can imagine, then take it from there.

SRv6 — “or some people would feel left out”

Never Continue reading

Vote for us at 2021 IT Blog Awards

Hello dear friend,

Please, vote for us (Team Karneliuk) at IT Blog Awards 2021. Obviously, do so if you like what we are doing: writing blogs and learning articles, developing Open Source tools, creating for your practical use cases. Each voice counts, and we kindly ask you to support us.

Best regards,
Team Karneliuk

2022 Goals

2022 Goals In 2021, the pandemic managed to get to me. It seemed like alot of curve balls came my way. But, myself and my family came out the other end healthy and in relatively good spirits. 2022 is going to be a bit of a do-over in terms of my goals for the year. Without further...continue reading

Wi-Fi 6 Release 2, Or Why Naming Conventions Suck

I just noticed that the Wi-Fi Alliance announced a new spec for Wi-Fi 6 and Wi-Fi 6E. Long-time readers of this blog will know that I am a fan of referring to technology by the standard, not by a catch term that serves as a way to trademark something, like Pentium. Anyway, this updated new standard for wireless communications was announced on January 5th at CES and seems to be an entry in the long line of embarrassing companies that forget to think ahead when naming things.

Standards Bodies Suck

Let’s look at what’s included in the new release for Wi-Fi 6. The first and likely biggest thing to crow about is uplink multi-user MIMO. This technology is designed to enhance performance and reduce latency for things like video conferencing and uploading data. Essentially, it creates multi-user MIMO for data headed back the other direction. When the standard was first announced in 2018 who knew we would have spent two years using Zoom for everything? This adds functionality to help alleviate congestion for applications that upload lots of data.

The second new feature is power management. This one is aimed primarily at IoT devices. The combination of broadcast target wake Continue reading

Unintended Dystopia

I’ve recently finished my 16th book (according to Goodreads, at any rate). This one is a little different than my normal fare—it’s essentially an expanded and revised version of the dissertation. Rather than being about technology proper, this latest is an examination of the history and philosophy of the superset of social media, which I’ve dubbed neurodigital media.

Fair warning, some readers might find this book a little … controversial.

From the back of the book—

Social media, shopping experiences, and mapping programs might not seem like they have much in common, but they are all built on neurodigital media. What is neurodigital media? It lives at the intersection of the Californian Ideology, the digital computing revolution, network ecosystems, the nudge, and a naturalistic view of the person. The Californian Ideology holds individuals should be reshaped, naturalism says individuals may be reshaped, and digital computing provides the tools, through network ecosystems theory and the nudge, that can reshape individuals. This book explores the history and impact of neurodigital media in the lives of everyday users.

Blessay: Do you still feel the same way about “merchant silicon” / x86 vs custom ASICs?

You asked if my view is the same from 2011

Heavy Networking 613: Deploying An Active-Active Data Center Network For Private Cloud (Sponsored)

This Heavy Networking episode focuses on building a data center fabric. Pluribus Networks is our sponsor. Pluribus brought along a customer to talk about their active/active DC deployment. We’ll get into stretching layer 2 safely, Pluribus's L3 capabilities, operational concerns of active/active when the DCs are many hundreds of miles apart, and the pressure of delivering customer-facing services that drove the selection of the Pluribus architecture.

Heavy Networking 613: Deploying An Active-Active Data Center Network For Private Cloud (Sponsored)

The post Heavy Networking 613: Deploying An Active-Active Data Center Network For Private Cloud (Sponsored) appeared first on Packet Pushers.

Running Containers At Scale – The Best Data Path to Success

Understanding the route that data takes within the system can reveal both the potential source of lower than desired performance and its solution.

Using Rustlang’s Async Tokio Runtime for CPU-Bound Tasks

Despite the term async and its association with asynchronous network I/O, this blog post argues that the Tokio.rs describes it as: “an asynchronous runtime for the Rust programming language. It provides the building blocks needed for writing network applications.” While this description emphasizes Tokio’s use for network communications, the runtime can be used for other purposes, as we will explore below. Why Use Tokio for CPU tasks? It turns out that modern analytics engines invariably need to Continue reading

A Workers optimization that reduces your bill

Recently, we made an optimization to the Cloudflare Workers runtime which reduces the amount of time Workers need to spend in memory. We're passing the savings on to you for all your Unbound Workers.

Background

Workers are often used to implement HTTP proxies, where JavaScript is used to rewrite an HTTP request before sending it on to an origin server, and then to rewrite the response before sending it back to the client. You can implement any kind of rewrite in a Worker, including both rewriting headers and bodies.

Many Workers, though, do not actually modify the response body, but instead simply allow the bytes to pass through from the origin to the client. In this case, the Worker's application code has finished executing as soon as the response headers are sent, before the body bytes have passed through. Historically, the Worker was nevertheless considered to be "in use" until the response body had fully finished streaming.

For billing purposes, under the Workers Unbound pricing model, we charge duration-memory (gigabyte-seconds) for the time in which the Worker is in use.

The change

On December 15-16, we made a change to the way we handle requests that are streaming through the Continue reading

« Previous 1 … 605 606 607 608 609 … 3,856 Next »