Full Stack Journey 056: Network Automation Progress And Problems

What's the latest with network automation? Where is the industry getting things right, and where is there more work to be done? How is public cloud influencing network automation? Scott Lowe welcomes Ethan Banks to the Full Stack Journey podcast for an update on the state of automation in networking.

The post Full Stack Journey 056: Network Automation Progress And Problems appeared first on Packet Pushers.

DDoS attack trends for 2021 Q2


Recent weeks have witnessed massive ransomware and ransom DDoS (Distributed Denial of Service) attack campaigns that interrupted aspects of critical infrastructure around the world, including one of the largest petroleum pipeline system operators, and one of the world’s biggest meat processing companies. Earlier this quarter, more than 200 organizations across Belgium, including the government and parliament websites and other services, were also DDoS’d.

And when most of the United States was celebrating Independence Day on July 4, hundreds of US companies were hit by a ransomware attack demanding 70 million USD in Bitcoin. Attackers known to be affiliated with REvil, a Russian ransomware group, exploited multiple previously unknown vulnerabilities in IT management software. The targets included schools, small public-sector bodies, travel and leisure organizations, and credit unions, to name a few. While the threat of ransomware and ransom DDoS is not new (read our posts on ransomware and ransom DDoS from 2021 Q1), the latest attacks on Internet properties ranging from wineries, professional sports teams, ferry services and hospitals have brought them from just being background noise to front page headlines affecting our day-to-day lives. In fact, recent attacks have propelled ransomware and DDoS to the top of US Continue reading

LISP – OMP – BGP EVPN Interoperability – Part I: LISP EID-to-RLOC Registration

I have written a couple of books about Network Virtualization Overlay over Layer 3 (NVO3). My first book was about Datacenter network virtualization based on BGP L2VPN EVPN. After that, I wrote a book about Campus networks based on LISP. In my latest book, I introduced the Cisco SD-WAN solution running OMP in Control-Plane. I wanted to write one more book where I combine these three different NVO3 solutions. I haven’t used pictures in the “About This Book” section in my previous books but now I decided to do that because one picture tells more than 1000 words. The figure below combines these three NVO3 solutions and illustrates what is needed to have IP connectivity between EP1 in the LISP domain and EP2 in the BGP EVPN domain. After reading this book you should be able to understand the processes of how IP reachability information about local hosts is advertised from the LISP domain over the SD-WAN to the BGP EVPN domain and the other way around. I wanted to keep this complex solution as simple as possible. That is why I didn’t include any redundancy.


Continue reading

Fun with private Automation Hub – Part 2

In the previous blog post, I provided a brief history on Ansible Content Collections and demonstrated how to upload a Collection to a private Automation Hub. We ended the blog by synchronizing content from Ansible Galaxy and Automation Hub. Today, we will configure Ansible Tower to communicate with private Automation Hub.

"Great things are done by a series of small things brought together." - Vincent Van Gogh on Ansible Collections

A particular type of credential, "Ansible Galaxy/Automation Hub API Token", is what allows Red Hat Ansible Tower to authenticate and connect to private Automation Hub. Logging into Ansible Tower's GUI, in the left frame under ‘Resources’, let's click on 'Credentials,' then 'Create a new credential'. In the spirit of simplicity, we'll use the same names, URLs and so on as they appear in private Automation Hub under 'Repo Management / Local.' The credentials below would be used to connect to the 'published' (our proprietary) Collections. Remember that loading a new token in private Automation Hub will delete your old token.

Creating credentials to connect Ansible Tower directly to 'Automation Hub' or 'Ansible Galaxy' will not be described here, as the scope of this blog is limited to Continue reading

WISP cheat sheet for MPLS/VPLS MTU

A guide for working with MTU and MPLS in a Wireless ISP

MPLS/VPLS MTU math can be complicated and is always a struggle to unravel.

To make it a little easier and put it into a WISP context, I designed this cheat sheet on 8.5 x 11 (to print for those that actually trust printers) and used common WISP equipment like MikroTik routers, Ubnt and Cambium radios with real world MTU values.

The MTU values are displayed in layers to make it easier to see where each value fits.

PDF is here

A starting point

These values are meant to be a starting point by representing the minimum values required for MPLS/VPLS with a single 802.1q VLAN tag.

In general, after going through hundreds of WISP migrations, I’ve found it to be easier to implement the minimum values required when working on a production WISP to identify the effective lowest MTU in the network.

Once the network equipment has been modified and has been running in a stable way on the minimum values, then higher values can be considered and implemented (now that the effective lowest MTU on the network is documented).

https://iparchitechs.com/contact

Find out what packages are installed on your Fedora system

If you're curious about how many packages are installed on your Fedora system or how you can check on them, you might be surprised at how much information you have at your fingertips. With just a few commands, you can find out just about anything you might want to know about packages and the repositories they came from.

What is a package?

To get started, a Linux package is simply a collection of files that performs some particular tasks. For example, the popular image-editing program GIMP is installed as a package, and it includes all of the files that you need to do some impressive image editing. You can easily ask if GIMP is installed with a command like this:


SD-WAN buyers guide: Key questions to ask vendors (and yourself)

Prior to the pandemic, SD-WAN was primarily a niche technology pitched to enterprises as a way to cut costs and improve WAN flexibility by allowing traffic to burst directly from the branch office to the Internet, rather than backhauling it over expensive MPLS links to a central site.

Today, SD-WAN has emerged as a key enabler of the post-COVID enterprise in which mission critical applications live in multiple clouds, employees connect and collaborate from everywhere, and remote access to applications like Office 365, Salesforce and Zoom must be fast, secure, reliable, optimized, and automated for maximum business productivity and end user satisfaction.

Another Portent of the Decline and Fall of the Telco

The Swedish carrier group Telia has recently announced the sale of its international wholesale business to Polhelm Infra, an infrastructure investment manager jointly owned by a number of Swedish pension funds. Why would a telco operator sell off what was a core part of its operation to a pension fund?

Tech Bytes: Instrumenting For Hybrid Work With AppNeta (Sponsored)

On today's sponsored Tech Bytes episode, we talk with AppNeta about instrumenting application performance to support on-prem and remote employees in today's hybrid work environment. Our AppNeta guests are Sean Armstrong, VP of Products; and Alec Pinkham, Director of Product Marketing.

The post Tech Bytes: Instrumenting For Hybrid Work With AppNeta (Sponsored) appeared first on Packet Pushers.

Whatever it is, you need more (RFC1925 rule 9)

There is never enough. Whatever you name in the world of networking, there is simply not enough. There are not enough ports. There is not enough speed. There is not enough bandwidth. Many times, the problem of “not enough” manifests itself as “too much”—there is too much buffering and there are too many packets being dropped. Not so long ago, the Internet community decided there were not enough IP addresses and decided to expand the address space from 32 bits in IPv4 to 128 bits in IPv6. The IPv6 address space is almost unimaginably huge—2 to the 128th power is about 340 trillion, trillion, trillion addresses. That is enough to provide addresses to stacks of 10 billion computers blanketing the entire Earth. Even a single subnet of this space is enough to provide addresses for a full data center where hundreds of virtual machines are being created every minute; each /64 (the default allocation size for an IPv6 address) contains 4 billion IPv4 address spaces.

But… what if the current IPv6 address space simply is not enough? Engineers working in the IETF have created two different solutions over the years for just this eventuality. In 1994 RFC1606 provided a Continue reading

Explore Future:NET for a Chance to Win a Bose Headset

Hey there, NSXers!  

The skies are blue, the sun is shining, and summer is in full swing. Whether you’re getting your summer on by grooving to some tunes, or embracing the grind at home or back in the office, there’s one thing you can count on needing: a sweet set of headphones.  

The Future:NET team is here to help! At Future:NET, industry luminaries deliver exclusive insights into all things networking – including a discussion of the lasting impacts of 2020 and predictions on the future of the industry, from app-centric connectivity to ubiquitous access across clouds. Now you can get all that Future:NET goodness — and a pair of Bose noise-canceling headphones too! All you need to do is: 

1. Follow Future:NET on Twitter.
2. Watch the Looking Back, Looking Forward session.
3. And post a screenshot of the video in the comment section of our Twitter announcement post.

Then, we’ll select winners from the comments and announce them on August 2. Yep, it’s that easy!

Take your work from anywhere to the next level – with these headphones, you can groove from anywhere while you’re at it. 

PROMOTIONAL DRAWING TERMS & CONDITIONS
NO PURCHASE NECESSARY TO ENTER OR WIN. Void in Quebec and where prohibited. All federal, state, provincial and local laws Continue reading

Network Break 342: SolarWinds Back In Security Hot Seat; In Defense Of The Fax Machine

Today's Network Break podcast delves into security issues at SolarWinds and SonicWall, discusses a new network offload capability between NVIDIA and Palo Alto Networks, comments on Japanese bureaucrats who refuse to give up their fax machines, and more tech news.

The post Network Break 342: SolarWinds Back In Security Hot Seat; In Defense Of The Fax Machine appeared first on Packet Pushers.

The Week in Internet News: U.S. Health Official Warns of COVID Misinformation Online

Bad information: The U.S. surgeon general, the nation’s top public health spokesman, is calling on social media outlets to crack down on misinformation about COVID-19 and the safety of vaccines, The New York Times reports. Misinformation about the pandemic and the vaccines available is “an urgent threat to public health,” Dr. Vivek Murthy said. “Modern […]

The post The Week in Internet News: U.S. Health Official Warns of COVID Misinformation Online appeared first on Internet Society.