Cloudflare invites visiting researchers!

Cloudflare invites visiting researchers!
Cloudflare invites visiting researchers!

As part of Cloudflare’s effort to build collaborations with academia, we host research focused internships all year long. Interns collaborate cross-functionally in research projects and are encouraged to ship code and write a blog post and a peer-reviewed publication at the end of their internship. Post-internship, many of our interns have joined Cloudflare to continue their work and often connect back with their alma mater strengthening idea sharing and collaborative initiatives.

Last year, we extended the intern experience by hosting Thomas Ristenpart, Associate Professor at Cornell Tech. Thomas collaborated for half a year on a project related to password breach alerting. Based on the success of this experience we are taking a further step in creating a structured Visiting Researcher program, to broaden our capabilities and invest further on a shared motivation with academics.

Foster engagement and closer partnerships

Our current research focuses on applied cryptography, privacy, network protocols and architecture, measurement and performance evaluation, and, increasingly, distributed systems. With the Visiting Researcher program, Cloudflare aims to foster a shared motivation with academia and engage together in seeking innovative solutions to help build a better Internet in the mentioned domains.

We expect to support the operationalization of ideas that emerge Continue reading

Installing packages on Linux and Mac with Homebrew

Ever heard of Homebrew? It’s a package manager with a very unusual feature. It allows ordinary users to install packages without using sudo, and it’s available for both macOS and Linux. While the tool on each of these systems is referred to as Homebrew, the Linux version installs as linuxbrew.Once installed, users can use Homebrew via the brew command to install packages very easily. Installation of Homebrew itself, however, does generally require sudo privileges and installs in /home/linuxbrew.The man page for the brew command calls it “The Missing Package Manager for macOS (or Linux)”.To read this article in full, please click here

Installing packages on Linux and Mac with Homebrew

Ever heard of Homebrew? It’s a package manager with a very unusual feature. It allows ordinary users to install packages without using sudo, and it’s available for both macOS and Linux. While the tool on each of these systems is referred to as Homebrew, the Linux version installs as linuxbrew.Once installed, users can use Homebrew via the brew command to install packages very easily. Installation of Homebrew itself, however, does generally require sudo privileges and installs in /home/linuxbrew.The man page for the brew command calls it “The Missing Package Manager for macOS (or Linux)”.To read this article in full, please click here

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

New Content in AWS Networking Webinar

Last week’s update session of the AWS Networking webinar covered two hours worth of new (or not-yet-covered) features, including:

  • Transit Gateway Connect functionality (GRE tunnel+BGP between Transit Gateway and in-cloud SD-WAN appliances)
  • AWS Private Link
  • Intra-VPC static routes that you can use to send inter-subnet traffic to a BYOD security appliance
  • IGMPv2 support
  • Custom global accelerators
  • Assigning whole IP prefixes to VM interfaces

The recordings have already been published, either as independent videos or integrated with the existing materials. Enjoy ;)

New Content in AWS Networking Webinar

Last week’s update session of the AWS Networking webinar covered two hours worth of new (or not-yet-covered) features, including:

  • Transit Gateway Connect functionality (GRE tunnel+BGP between Transit Gateway and in-cloud SD-WAN appliances)
  • AWS Private Link
  • Intra-VPC static routes that you can use to send inter-subnet traffic to a BYOD security appliance
  • IGMPv2 support
  • Custom global accelerators
  • Assigning whole IP prefixes to VM interfaces

The recordings have already been published, either as independent videos or integrated with the existing materials. Enjoy ;)

100 terabyte home NAS

So, as a nerd, let's say you need 100 terabytes of home storage. What do you do?

My solution would be a commercial NAS RAID, like from Synology, QNAP, or Asustor. I'm a nerd, and I have setup my own Linux systems with RAID, but I'd rather get a commercial product. When a disk fails, and a disk will always eventually fail, then I want something that will loudly beep at me and make it easy to replace the drive and repair the RAID.

Some choices you have are:

  • vendor (Synology, QNAP, and Asustor are the vendors I know and trust the most)
  • number of bays (you want 8 to 12)
  • redundancy (you want at least 2 if not 3 disks)
  • filesystem (btrfs or ZFS) [not btrfs-raid builtin, but btrfs on top of RAID]
  • drives (NAS optimized between $20/tb and $30/tb)
  • networking (at least 2-gbps bonded, but box probably can't use all of 10gbps)
  • backup (big external USB drives)

The products I link above all have at least 8 drive bays. When you google "NAS", you'll get a list of smaller products. You don't want them. You want somewhere between 8 and 12 drives.

The reason is that Continue reading

Automation 2. Exploring Nokia SR OS configuration in a programmable way with pySROS

Hello my friend,

Thanks a lot for all your interactions over our last post, it was very good feeling. As it attracted your attention, we decided to explore this topic further. Today we’ll focus on two main aspects: how you can figure out from Nokia SR OS CLI, what is your path to use in pySROS and how you visualise a configuration tree following YANG module.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

I Have Heard, Facebook Automation Caught It, Isn’t It?

Facebook outage happened the last week caused a lot of discussions, how reliable automation is in general and if there are too much automatons these days already in the infrastructure systems. Really, if Facebook with their smartest network and automation engineers failed, should I stay far away from automation? We believe, everyone will find his or her answer. From our perspective, we know that Facebook will make their systems after failure more robust and working. By the way, in our training Continue reading

How to simulate a host in a real network?

How to simulate a host

Like some other posts, I didn’t think I would write this one because it seemed obvious. But, after talking to a lot of engineers and customers, I realized that not everyone knows this trick. So here it is. The question is this: how to simulate a real host in a physical network environment when you don’t have computer at your disposal? Well, let’s take an example. The environment Here is an example with a very simple VXLAN topology consisting of two spines and two leafs. I’m using Cisco Nexus switches…

The post How to simulate a host in a real network? appeared first on AboutNetworks.net.

AWS Networking – Part X: VPC Internet Gateway Service – Part One


Introduction


This chapter explains what components/services and configurations we need to allow Internet traffic to and from an EC2 instance. VPCs themselves are closed entities. If we need an Internet connection, we need to use an AWS Internet Gateway (IGW) service. The IGW is running on a  Blackfoot Edge Device in the AWS domain. It performs Data-Plane VPC encapsulation and decapsulation, as well as  IP address translation. We also need public, Internet routable IP addresses. In our example, we allocate an AWS Elastic-IP (EIP) address. Then we associate it with EC2 Instance. By doing it, we don’t add the EIP to the EC2 instance itself. Instead, we create a static one-to-one NAT entry into the VPC associated IGW. The subnet Route Table includes only a VPC’s CIDR range local route. That is why we need to add a routing entry to the Subnet RT, default or more specific, towards IGW. Note that a subnet within an AWS VPC is not a Broadcast domain (VPC doesn’t even support Broadcasts). Rather, we can think of it as a logical place for EC2 instances having uniform connection requirements, like reachability from the Internet. As a next step, we define the security policy. Each Subnet has a Network Access Control List (NACL), which is a stateless Data-Plane filter. The Stateless definition means that to allow bi-directional traffic flow, we have to permit flow-specific Request/Reply data separately. For simplicity, we are going to use the Subnet Default NACL. The Security Group (SG), in turn, is a stateful EC2 instance-specific Data-Plane filter. The Stateful means that filter permits flow-based ingress and egress traffic. Our example security policy is based on the SG. We will allow an SSH connection from the external host 91.152.204.245 to EC2 instance NWKT-EC-Fron-End. In addition, we allow all ICMP traffic from the EC2 instance to the same external host. As the last part, this chapter introduces the Reachability Analyzer service, which we can use for troubleshooting connections. Figure 3-1 illustrates what we are going to build in this chapter.


Figure 3-1: Setting Up an Internet Connection for Public Subnet of AWS VPC.

 

Continue reading

Cloudflare Research: Two Years In

Cloudflare Research: Two Years In
Great technology companies build innovative products and bring them into the world; iconic technology companies change the nature of the world itself.
Cloudflare Research: Two Years In

Cloudflare’s mission reflects our ambitions: to help build a better Internet. Fulfilling this mission requires a multifaceted approach that includes ongoing product innovation, strategic decision-making, and the audacity to challenge existing assumptions about the structure and potential of the Internet. Two years ago, Cloudflare Research was founded to explore opportunities that leverage fundamental and applied computer science research to help change the playing field.

We’re excited to share five operating principles that guide Cloudflare’s approach to applying research to help build a better Internet and five case studies that exemplify these principles. Cloudflare Research will be all over the blog for the next several days, so subscribe and follow along!

Innovation comes from all places

Innovative companies don’t become innovative by having one group of people within the company dedicated to the future; they become that way by having a culture where new ideas are free-flowing and can come from anyone. Research is most effective when it is permitted to grow beyond or outside isolated lab environments, is deeply integrated into all facets of a company’s work, Continue reading

OMG: Democratizing Network Automation

I totally understand that entities relying on sponsors have to become creative while promoting whatever theirs sponsors want to sell, but in my opinion this is a bridge too far:

[…] explore how Gluware aims to democratize automation; that is, get you quick wins around common tasks such as configuration changes and OS updates.

Democratizing automation? Because it’s authoritarian now? By providing the abilities like configuration changes and OS updates that have been available in network management tools like CiscoWorks or SolarWinds for ages?

You know what’s really hard when automating existing networks? Figuring out how to simplify them to the point where it makes sense to automate them. Will any shrink-wrapped GUI product solve that? Of course not.

OMG: Democratizing Network Automation

I totally understand that entities relying on sponsors have to become creative while promoting whatever theirs sponsors want to sell, but in my opinion this is a bridge too far:

[…] explore how Gluware aims to democratize automation; that is, get you quick wins around common tasks such as configuration changes and OS updates.

Democratizing automation? Because it’s authoritarian now? By providing the abilities like configuration changes and OS updates that have been available in network management tools like CiscoWorks or SolarWinds for ages?

You know what’s really hard when automating existing networks? Figuring out how to simplify them to the point where it makes sense to automate them. Will any shrink-wrapped GUI product solve that? Of course not.

Where is mobile traffic the most and least popular?

Where is mobile traffic the most and least popular?
Where is mobile traffic the most and least popular?

You’re having dinner, you look at the table next to and everyone is checking their phone, scrolling and browsing and interacting with that little (is getting bigger) piece of hardware that puts you in contact with friends, family, work and the giant public square of sorts that social media has become. That could happen in the car (hopefully with the passengers, never the driver), at home when you’re on the sofa, in bed or even when you’re commuting or just bored in line for the groceries.

Or perhaps you use your mobile phone as your only connection to the Internet. It might be your one means of communication and doing business. For many, the mobile Internet opened up access and opportunity that simply was not possible before.

Around the world the use of mobile Internet differs widely. In some countries mobile traffic dominates, in others desktop still reigns supreme.

Mobile Internet traffic has changed the way we relate to the online world — work (once, for some, done on desktop/laptop computers) is just one part of it — and Cloudflare Radar can help us get a better understanding of global Internet traffic but also access regional trends, and monitor emerging Continue reading

1 655 656 657 658 659 3,849