Automating NSX-T Firewall Configuration

Noël Boulene decided to automate provisioning of NSX-T distributed firewall rules as part of his Building Network Automation Solutions hands-on work.

What makes his solution even more interesting is the choice of automation tool: instead of using the universal automation hammer (aka Ansible) he used Terraform, a much better choice if you want to automate service provisioning, and you happen to be using vendors that invested time into writing Terraform provisioners.

Hedge 098: DRIP with Stuart Card

Drones are becoming—and in many cases have already become—an everyday part of our lives. Drones are used in warfare, delivery services, photography, and recreation. One of the problems facing the world of drones, however, is the strong tie-in between the controller and the drone; this proprietary link limits innovation and reduces the information available to public officials to manage traffic, and even to protect the privacy of drone operators. The DRIP working group is building protocols designed to standardize the drone-to-controller interface, advancing the state of the art in drones and opening up the field for innovation. Stuart Card joins Alvaro Retana and Russ White to discuss DRIP.

Day Two Cloud 113: Multi-Cloud Network Visibility And Automation With Aviatrix (Sponsored)

Today's Day Two Cloud episode dives into multi-cloud networking with sponsor Aviatrix. Aviatrix offers a cloud network platform with a common data plane and operational model that works across public clouds and supports visibility and automation. We dig into the product with Aviatrix guests and a customer.

The post Day Two Cloud 113: Multi-Cloud Network Visibility And Automation With Aviatrix (Sponsored) appeared first on Packet Pushers.

Hybrid Disk/Flash Storage Isn’t New, But It Is Getting Better

Five years ago, Western Digital, known for its hard disk drive (HDD) storage technologies, doled out $19 billion in cash and stock for SanDisk and its solid state drive (SSD) product portfolio, giving it deep expertise in the non-volatile flash memory space at a time when enterprises were looking for expanded storage options in the wake of the rise of the cloud and the edge.

Hybrid Disk/Flash Storage Isn’t New, But It Is Getting Better was written by Jeffrey Burt at The Next Platform.

Will Intel’s new desktop-CPU design come to its Xeon server chips?

As part of its Architecture Day, Intel spent a lot of time discussing its next generation PC microprocessor microarchitecture, Alder Lake, which marks a radical change for Intel. The question for us in the data center is will the design make its way to the server? If past is prologue, then yes, in time.

Alder Lake is due later this fall in three versions: desktop, mobile, and ultra portable. It will come with up to 16 cores and 24 threads and support for PCI Express 5 and DDR5 memory plus other features.

Here’s where it gets interesting. The desktop part with 16 cores is actually a split between eight performance cores—P-Cores—and eight efficiency cores—E-Cores. The mobile and ultra-mobile parts also use this dual-core design but with fewer cores. The P-Core is for compute tasks, while the E-Core is assigned background tasks like email syncing and antivirus checks. This is hardly a new idea. Arm has done this for years with its big.LITTLE core designs.

Wi-Fi 7 is coming, and Intel makes it sound great

Wi-Fi has been with us since 1997, predating Google, the iPhone, and robotic vacuum cleaners. It’s basically a legacy technology!

Despite its maturity, Wi-Fi is always evolving to meet the needs of consumers and enterprises. There have been eight versions of the Wi-Fi network protocol, with the latest (Wi-Fi 6 or, to use its “street name,” 802.11ax) being released in 2019. Each iteration has been faster and more reliable than its predecessor, a comforting trend. Three-and-a-half generations (Wi-Fi 4, Wi-Fi 5, and Wi-Fi 6 and 6E) currently are in use.

MikroTik RouterOS Advanced Configuration

In the previous tutorial, we installed and configured a brand new MikroTik hAP ac³ router for connection to the Internet. We also improved the overall security of the router by implementing simple steps to harden it. These include things like disabling unused services, enabling HTTPS for device management, updating RouterOS, and reconfiguring the firewall rules. […]

netlab Python Package and Unified CLI

One of the major challenges of using netsim-tools (now renamed to netlab) was the installation process – pull the code from GitHub, install the prerequisites, set up search paths… I knew how to fix it (turn the whole thing into a Python package) but I was always too busy to open that enormous can of worms.

That omission got fixed; netlab is now available on PyPI and installed with pip3 install networklab.

netsim-tools: Python Package and Unified CLI

One of the major challenges of using netsim-tools was the installation process – pull the code from GitHub, install the prerequisites, set up search paths… I knew how to fix it (turn the whole thing into a Python package) but I was always too busy to open that enormous can of worms.

That omission got fixed in summer 2021; netsim-tools is now available on PyPI and installed with pip3 install netsim-tools.

Calico integration with WireGuard using kOps

It has been a while since I have been excited to write about encrypted tunnels. It might be the sheer pain of troubleshooting old technologies, or countless hours of falling down the rabbit hole of a project’s source code, that always motivated me to pursue a better alternative (without much luck). However, I believe luck is finally on my side.

In this blog post we will explore using open-source WireGuard, a new technology that offers encrypted tunnels with remarkable performance and an effortless implementation, to establish secure encrypted tunnels between workloads in K8s clusters.

Introduction: WireGuard

With the release of open-source Calico 3.14 back in June of 2020, Tigera announced a tech preview of its WireGuard integration, which allows node-to-node traffic to be encrypted using WireGuard.

Other encryption methods (e.g. TLS) were available to encrypt workloads’ traffic at higher TCP/IP layers (in this case, the Application Layer). However, WireGuard targets traffic at a lower layer (the Transport Layer), which makes it effective for a wider range of applications, and also reduces complexity for the user.

WireGuard is an open-source project that implements virtual private network (VPN) techniques to establish secure point-to-point connections leveraging Linux […]

Netdev 0x15


The recent Netdev 0x15 conference included a number of papers diving into the technology behind Linux as a network operating system. Slides and videos are now available on the conference web site.
Network wide visibility with Linux networking and sFlow describes the Linux switchdev driver used to integrate network hardware with Linux. The talk focuses on network telemetry, showing how standard Linux APIs are used to configure hardware instrumentation and stream telemetry using the industry standard sFlow protocol for data center wide visibility.
Switchdev in the wild describes Yandex's experience of deploying Linux switchdev based switches in production at scale. The diagram from the talk shows the three layer leaf and spine network architecture used in their data centers. Yandex operates multiple data centers, each containing up to 100,000 servers.
Switchdev Offload Workshop provides updates about the latest developments in the switchdev community. 
FRR Workshop discusses the latest development in the FRRouting project, the open source routing software that is now a de facto standard on Linux network operating systems.