Hybrid cloud success: 5 things to forget about, 4 things to remember

OK, let's say you're a CIO who's promoted hybrid cloud computing in your company. Then along came all these news stories that call into question the whole notion of cloud economies. Do you send some covert IT team to block the news from the CFO's computer, or do you deal with it? Hopefully, the latter.I've examined audits of over four-dozen cloud projects, and the good news is that most cloud applications make the business case. The bad news is that a lot, a worrisome lot, don’t. If you want yours to succeed, there are some strategies that will help, in the form of five “forgets” and four “remembers”.To read this article in full, please click here

Cisco CCNA certification explained

The CCNA, which stands for Cisco Certified Network Associate, is Cisco's foundational certification for networking professionals.The CCNA is a commonly required prerequisite for associate-level networking jobs such as network engineer, network administrator, network support technician or help desk technician. There used to be 10 CCNA concentrations, specific to cloud, collaboration, security, data centers, wireless, and other areas. Then, in February of 2020, Cisco combined all of its foundational networking certifications into one comprehensive CCNA certification.To read this article in full, please click here

Infoblox: How DDI Can Help Solve Network Security and Management Ills 

Network connections can be likened to attending an amusement park, where Dynamic Host Configuration Protocol (DHCP), serves as the ticket to enter the park and the domain name system (DNS) is the map around the park. Network management and security provider Infoblox made a name for itself by collapsing those two core pieces into a single platform for enterprises to be able to control where IP addresses are assigned and how they manage network creation and movement. “They control their own DNS so that they can have better control over their traffic,” explained Infoblox: How DDI Can Help Solve Network Security and Management Ills  Also available on Google Podcasts, PlayerFM, Spotify, TuneIn Infoblox’s name for this unified service is DDI, which is

Full Stack Journey 056: Network Automation Progress And Problems

What's the latest with network automation? Where is the industry getting things right, and where is there more work to be done? How is public cloud influencing network automation? Scott Lowe welcomes Ethan Banks to the Full Stack Journey podcast for an update on the state of automation in networking.

The post Full Stack Journey 056: Network Automation Progress And Problems appeared first on Packet Pushers.

DDoS attack trends for 2021 Q2

DDoS attack trends for 2021 Q2
DDoS attack trends for 2021 Q2

Recent weeks have witnessed massive ransomware and ransom DDoS (Distributed Denial of Service) attack campaigns that interrupted aspects of critical infrastructure around the world, including one of the largest petroleum pipeline system operators, and one of the world’s biggest meat processing companies. Earlier this quarter, more than 200 organizations across Belgium, including the government and parliament websites and other services, were also DDoS’d.

And when most of the United States were celebrating Independence Day on July 4, hundreds of US companies were hit by a ransomware attack demanding 70 million USD in Bitcoin. Attackers known to be affiliated with REvil, a Russian ransomware group, exploited multiple previously unknown vulnerabilities in IT management software. The targets included schools, small public-sector bodies, travel and leisure organizations, and credit unions, to name a few. While the threat of ransomware and ransom DDoS is not new (read our posts on ransomware and ransom DDoS from 2021 Q1), the latest attacks on Internet properties ranging from wineries, professional sports teams, ferry services and hospitals has brought them from just being background noise to front page headlines affecting our day-to-day lives. In fact, recent attacks have propelled ransomware and DDoS to the top of US Continue reading

LISP – OMP – BGP EVPN Interoperability – Part I: LISP EID-to-RLOC Registration

I have written a couple of books about Network Virtualization Overlay over Layer 3 (NVO3). My first book was about Datacenter network virtualization based on BGP L2VPN EVPN. After that, I wrote a book about Campus networks based on LISP. In my latest book, I introduced the Cisco SD-WAN solution running OMP in Control-Plane. I wanted to write one more book where I combine these three different NVO3 solutions. I haven’t used pictures in the “About This Book” section in my previous books but now I decided to do that because one picture tells more than 1000 words. The figure below combines these three NVO3 solutions and illustrates what is needed to have IP connectivity between EP1 in the LISP domain and EP2 in the BGP EVPN domain. After reading this book you should be able to understand the processes of how IP reachability information about local hosts are advertised from the LISP domain over the SD-WAN to BGP EVPN domain and another way around. I wanted to keep this complex solution as simple as possible. That is why I didn’t include any redundancy.


Continue reading

Fun with private Automation Hub – Part 2

In the previous blog post, I provided a brief history on Ansible Content Collections and demonstrated how to upload a Collection to a private Automation Hub. We ended the blog by synchronizing content from Ansible Galaxy and Automation Hub. Today, we will configure Ansible Tower to communicate with private Automation Hub.

"Great things are done by a series of small things brought together." - Vincent Van Gogh on Ansible Collections

A particular type of credential: "Ansible Galaxy/Automation Hub API Token" is what allows Red Hat Ansible Tower to authenticate and connect to private Automation Hub. Logging into Ansible Tower's GUI, in the left frame under ‘Resources’, let's click on 'Credentials,' then 'Create a new credential' . In the spirit of simplicity, we'll use the same names, URLs and so on as they appear in private Automation Hub under 'Repo Management / Local.' The credentials below would be used to connect to the 'published' (our proprietary) Collections. Remember that loading a new token in private Automation Hub will delete your old token.

Creating credentials to connect Ansible Tower directly to 'Automation Hub' or 'Ansible Galaxy' will not be described here, as the scope of this blog is limited to Continue reading

WISP cheat sheet for MPLS/VPLS MTU

A guide for working with MTU and MPLS in a Wireless ISP

MPLS/VPLS MTU math can be complicated and is always a struggle to unravel.

To make it a little easier and put it into a WISP context, I designed this cheat sheet on 8.5 x 11 (to print for those that actually trust printers) and used common WISP equipment like MikroTik routers, Ubnt and Cambium radios with real world MTU values.

The MTU values are displayed in layers to make it easier to see where each value fits.

PDF is here

A starting point

These values are meant to be a starting point by representing the minimum values required for MPLS/VPLS with a single 802.1q VLAN tag.

In general, after going through hundreds of WISP migrations, I’ve found it to be easier to implement the minimum values required when working on a production WISP to identify the effective lowest MTU in the network.

Once the network equipment has been modified and has been running in a stable way on the minimum values, then higher values can be considered and implemented (now that the effective lowest MTU on the network is documented)

https://iparchitechs.com/contact

Find out what packages are installed on your Fedora system

If you're curious about how many packages are installed on your Fedora system or how you can check on them, you might be surprised at how much information you have at your fingertips. With just a few commands, you can find out just about anything you might want know about packages and the repositories they came from.What is a package? To get started, a Linux package is simply a collection of files that performs some particular tasks. For example, the popular image-editing program GIMP is installed as a package, and it includes all of the files that you need to do some impressive image editing. You can easily ask if GIMP is installed with a command like this:To read this article in full, please click here

Find out what packages are installed on your Fedora system

If you're curious about how many packages are installed on your Fedora system or how you can check on them, you might be surprised at how much information you have at your fingertips. With just a few commands, you can find out just about anything you might want know about packages and the repositories they came from.What is a package? To get started, a Linux package is simply a collection of files that performs some particular tasks. For example, the popular image-editing program GIMP is installed as a package, and it includes all of the files that you need to do some impressive image editing. You can easily ask if GIMP is installed with a command like this:To read this article in full, please click here

SD-WAN buyers guide: Key questions to ask vendors (and yourself)

Prior to the pandemic, SD-WAN was primarily a niche technology pitched to enterprises as a way to cut costs and improve WAN flexibility by allowing traffic to burst directly from the branch office to the Internet, rather than backhauling it over expensive MPLS links to a central site. SD-WAN resources What is SD-WAN and what does it mean for networking, security, cloud? 10 SD-WAN features you're probably not using but should be SD-WAN may be the key to smart network services SD-WAN and analytics: A marriage made for the new normal Native SD-WAN monitoring tools are not enough, survey says Today, SD-WAN has emerged as a key enabler of the post-COVID enterprise in which mission critical applications live in multiple clouds, employees connect and collaborate from everywhere, and remote access to applications like Office 365, Salesforce and Zoom must be fast, secure, reliable, optimized, and automated for maximum business productivity and end user satisfaction.To read this article in full, please click here

Another Portent of the Decline and Fall of the Telco

The Swedish carrier group Telia has recently announced the sale of its international wholesale business to Polhelm Infra, an infrastructure investment manager jointly owned by a number of Swedish pension funds. Why would a telco operator sell off what was a core part of its operation to a pension fund?

Tech Bytes: Instrumenting For Hybrid Work With AppNeta (Sponsored)

On today's sponsored Tech Bytes episode, we talk with AppNeta about instrumenting application performance to support on-prem and remote employees in today's hybrid work environment. Our AppNeta guests are Sean Armstrong, VP of Products; and Alec Pinkham Director of Product Marketing.

The post Tech Bytes: Instrumenting For Hybrid Work With AppNeta (Sponsored) appeared first on Packet Pushers.

Whatever it is, you need more (RFC1925 rule 9)

There is never enough. Whatever you name in the world of networking, there is simply not enough. There are not enough ports. There is not enough speed. There is not enough bandwidth. Many times, the problem of “not enough” manifests itself as “too much”—there is too much buffering and there are too many packets being dropped. Not so long ago, the Internet community decided there were not enough IP addresses and decided to expand the address space from 32 bits in IPv4 to 128 bits in IPv6. The IPv6 address space is almost unimaginably huge—2 to the 128th power is about 340 trillion, trillion, trillion addresses. That is enough to provide addresses to stacks of 10 billion computers blanketing the entire Earth. Even a single subnet of this space is enough to provide addresses for a full data center where hundreds of virtual machines are being created every minute; each /64 (the default allocation size for an IPv6 address) contains 4 billion IPv4 address spaces.

But… what if the current IPv6 address space simply is not enough? Engineers working in the IETF have created two different solutions over the years for just this eventuality. In 1994 RFC1606 provided a Continue reading

Explore Future:NET for a Chance to Win a Bose Headset

Hey there, NSXers!  

The skies are blue, the sun is shining, and summer is in full swing. Whether you’re getting your summer on by grooving to some tunes, or embracing the grind at home or back in the office, there’s one thing you can count on needing: a sweet set of headphones.  

The Future:NET team is here to help! At Future:NET, industry luminaries deliver exclusive insights into all things networking – including a discussion of the lasting impacts of 2020 and predictions on the future of the industry, from app-centric connectivity to ubiquitous access across clouds. Now you can get all that Future:NET goodness — and a pair of Bose noise-canceling headphones too! All you need to do is: 

1. Follow Future:NET on Twitter.

 

2. Watch the Looking Back, Looking Forward session. 

 

3. And post a screenshot of the video in the comment section of our Twitter announcement post.  

Then, we’ll select winners from thee comments and announce them on August 2. Yep, it’s that easy! 

Take your work from anywhere to the next level – with these headphones, you can groove from anywhere while you’re at it. 

PROMOTIONAL DRAWING TERMS & CONDITIONS
NO PURCHASE NECESSARY TO ENTER OR WIN. Void in Quebec and where prohibited. All federal, state, provincial and local laws Continue reading
1 670 671 672 673 674 3,816