Prossimo: Making the Internet Memory Safe

The Let’s Encrypt certificate authority, but it has also turned its hand to fixing memory problems. It sponsors, via Google, so Rust in Linux in no small part to fix its built-in C memory problems. And, it also has a whole department, Rustls, a safer memory-safe code. Memory-safe programs are written in languages that avoid the usual use after free problems. C, C++, and Assembly, for all their speed, make it all too easy to make these kinds of mistakes. Languages such as Rust, Go, and C#, however, Continue reading

Arista’s Evolution to Data-Driven Networking

Arista's Evolution to Data-Driven Networking

Arista’s EOS (Extensible Operating System) has been nurtured over the past decade, taking the best principles of extensible, open and scalable networks. While SDN evangelists insisted that the right way to build networks started with the decoupling of hardware and software in the network, manipulated by a centralized, shared controller, many companies failed to provide the core customer requisite in a clean software architecture and implementation coupled with key technical differentiation. This has been the essence of Arista EOS.

Collect hashes from remote computers

I was recently asked to create a script that should calculate the hash values of all files on remote computers. The collection must be done in parallel on all computers.  My choice fell on Bash because it allows to quickly collect hashes using a combination of SSH, sshpass, find and hash (coreutils package). The collect_hashes.sh script […]
Continue reading...

Where Would You Need DNS Anycast?

One of the publicly observable artifacts of the October 2021 Facebook outage was an intricate interaction between BGP routing and their DNS servers needed to support optimal anycast configuration. Not surprisingly, it was all networking engineers’ fault according to some opinions1

There’s no need for anycast2/BGP advertisement for DNS servers. DNS is already highly available by design. Only network people never understand that, which leads to overengineering.

It’s not that hard to find a counter-argument3: while it looks like there are only 13 root name servers4, each one of them is a large set of instances advertising the same IP prefix5 to the Internet.

Read more …

Where Would You Need DNS Anycast?

One of the publicly observable artifacts of the October 2021 Facebook outage was an intricate interaction between BGP routing and their DNS servers needed to support optimal anycast configuration. Not surprisingly, it was all networking engineers' fault according to some opinions1

There’s no need for anycast2/BGP advertisement for DNS servers. DNS is already highly available by design. Only network people never understand that, which leads to overengineering.

It’s not that hard to find a counter-argument3: while it looks like there are only 13 root name servers4, each one of them is a large set of instances advertising the same IP prefix5 to the Internet.

Read more …

Searching through compressed files on Linux

There are quite a few ways to search through compressed text files on Linux systems without having to uncompress them first. Depending on the format of the files, you can choose to view entire files, extract specific text, navigate through file contents searching for content of interest, and sometimes even edit content. IFirst, to show you how this works, I compressed the words file on one of my Linux systems (/usr/share/dict/words) using these commands:$ cp /usr/share/dict/words . $ 7z a words.7z words $ bzip2 -k words $ gzip -k words $ xz -k words $ zip words.zip words How to use the grep command on Linux   The -k options used with the bzip2, gzip, and xz commands kept these commands from removing the original file, which they would by default. The resultant files then looked like this:To read this article in full, please click here

Searching through compressed files on Linux

There are quite a few ways to search through compressed text files on Linux systems without having to uncompress them first. Depending on the format of the files, you can choose to view entire files, extract specific text, navigate through file contents searching for content of interest, and sometimes even edit content. IFirst, to show you how this works, I compressed the words file on one of my Linux systems (/usr/share/dict/words) using these commands:$ cp /usr/share/dict/words . $ 7z a words.7z words $ bzip2 -k words $ gzip -k words $ xz -k words $ zip words.zip words How to use the grep command on Linux   The -k options used with the bzip2, gzip, and xz commands kept these commands from removing the original file, which they would by default. The resultant files then looked like this:To read this article in full, please click here

It’s official: VMware and Dell have split

VMware is once again a standalone company as it has officially split with its parent firm, Dell and untied the knot that has held them together since 2016.The move is widely seen as a way for both companies to work with new partners and expand their respective technologies while keep close ties to each other.[Get regularly scheduled insights by signing up for Network World newsletters.] It also has financial impacts. According to the Financial Times, Dell Technologies will shed its 81% stake in publicly traded VMware, creating an independent software company with a stock market value of nearly $64 billion. Dell’s remaining hardware operations have an implied value of $33 billion, based on its latest share price. To read this article in full, please click here

Vapor IO Realizes Open Grid Vision With INZONE 5G Edge Services

One of the defining characteristics of edge applications is the need for low latency to absorb and analyze data from connected devices deployed in locations such as retail stores, manufacturing facilities, distribution centers, and municipal infrastructure. Until recently, most chatter about “the edge” has been vague, often conflating the extension of cloud service delivery to […]

The post Vapor IO Realizes Open Grid Vision With INZONE 5G Edge Services appeared first on Packet Pushers.

Tech Bytes: Advania Chooses Apstra For Data Center Operations (Sponsored)

Today on the Tech Bytes podcast, sponsored by Juniper, we talk with a customer of Juniper’s Apstra intent-based networking data center software. IT solutions provider Advania uses Apstra internally to operate its own data centers, as well as for customer engagements.

The post Tech Bytes: Advania Chooses Apstra For Data Center Operations (Sponsored) appeared first on Packet Pushers.

Using Kustomize Components with Cluster API

I’ve been using Kustomize with Cluster API (CAPI) to manage my AWS-based Kubernetes clusters for quite a while (along with Pulumi for managing the underlying AWS infrastructure). For all the time I’ve been using this approach, I’ve also been unhappy with the overlay-based approach that had evolved as a way of managing multiple workload clusters. With the recent release of CAPI 1.0 and the v1beta1 API, I took this opportunity to see if there was a better way. I found a different way—time will tell if it is a better way. In this post, I’ll share how I’m using Kustomize components to help streamline managing multiple CAPI workload clusters.

Before continuing, I feel it’s important to point out that while the bulk of the Kustomize API is reasonably stable at v1beta1, the components portion of the API is still in early days (v1alpha1). So, if you adopt this functionality, be aware that it may change (or even get dropped).

More information on Kustomize components can be found in the Kustomize components KEP or in this demo document. The documentation on Kustomize components is somewhat helpful as well. I won’t try to rehash information found in those sources here, but Continue reading

Sunburst

The recently released open source Sunburst application provides a real-time visualization of the protocols running a network. The Sunburst application runs on the sFlow-RT real-time analytics platform, which receives standard streaming sFlow telemetry from switches and routers throughout the network to provide comprehensive visibility. 
docker run -p 8008:8008 -p 6343:6343/udp sflow/prometheus
The pre-built sflow/prometheus Docker image packages sFlow-RT with the applications for exploring real-time sFlow analytics. Run the command above, configure network devices to send sFlow to the application on UDP port 6343 (the default sFlow port) and connect with a web browser to port 8008 to access the user interface.
 
The chart at the top of this article demonstrates the visibility that sFlow can provide into nested protocol stacks that result from network virtualization. For example, the most deeply nested set of protocols shown in the chart is:
  1. eth: Ethernet
  2. q: IEEE 802.1Q VLAN
  3. trill: Transparent Interconnection of Lots of Links (TRILL)
  4. eth: Ethernet
  5. q: IEEE 802.1Q VLAN
  6. ip: Internet Protocol (IP) version 4
  7. udp: User Datagram Protocol (UDP)
  8. vxlan: Virtual eXtensible Local Area Network (VXLAN)
  9. eth: Ethernet
  10. ip Internet Protocol (IP) version 4
  11. esp IPsec Encapsulating Continue reading

VXLAN: Virtualizing Data Center Networks for the Cloud Era

Since VXLAN was introduced in 2014 it has become an important component of modern data center network fabrics. This blog reviews what VXLAN is, why it was developed, how it is being used in data centers, and advantages over other virtualization technologies. In an upcoming blog, we will look at some innovative VXLAN applications outside the data center.

What is VXLAN?

Virtual eXtensible Local Area Network (VXLAN) is an Internet standard protocol that provides a means of encapsulating Ethernet (Layer 2) frames over an IP (Layer 3) network, a concept often referred to as “tunneling.” This allows devices and applications to communicate across a large physical network as if they were located on the same Ethernet Layer 2 network.

Tunneling approaches such as VXLAN provide an important tool to virtualize the physical network, often called the “underlay,” and allow for connectivity to be defined and managed as a set of virtual connections, called the “overlay.” These virtual connections can be created, modified and removed as needed without any change to the physical underlay network. (Mike Capuano’s blog, What to Know About Data Center Overlay Networks, provides a deeper dive on overlays.)

While VXLAN is only one Continue reading

Network Break 357: Switchless Networking? Startup Rockport Says Yes; ISPs Monetize Customer Surveillance

Take a Network Break! This week we discuss how startup Rockport Networks brings switchless networking to the data center. The FTC says ISPs are amassing and monetizing sensitive customer data. Cisco unveils new routing silicon, Juniper sees revenues rise and income fall, and more tech news.

The post Network Break 357: Switchless Networking? Startup Rockport Says Yes; ISPs Monetize Customer Surveillance appeared first on Packet Pushers.

1 627 628 629 630 631 3,835