Dynamic DNS Security Blues

Whenever you run into a network problem, the wise network admin or sysadmin always remembers “It’s always Black Hat USA 2021 security conference Ami Luttwak and head of research simple loophole that allowed them to intercept dynamic DNS (DDNS) traffic going through managed DNS providers like Amazon and Google. And, yes, that includes the DDNS you’re using on your cloud. And, if you think that’s bad, just wait until you see just how trivial this attack is. Our intrepid researchers found that “simply registering certain ‘special’ domains, specifically the name of the name server itself, has unexpected consequences on all other customers using the name server.

Google Chips Away at Problems at “Mega-Batch” Scale

As Google’s batch sizes for AI training continue to skyrocket, with some batch sizes ranging from over 100k to one million, the company’s research arm is looking at ways to improve everything from efficiency, scalability, and even privacy for those whose data is used in large-scale training runs.

Google Chips Away at Problems at “Mega-Batch” Scale was written by Nicole Hemsoth at The Next Platform.

Network Break 345: Marvell Acquires High-End Ethernet ASICs; Arista CEO Says Component Shortage ‘Worst I’ve Seen’

This week's Network Break podcat discusses Marvell's Innovium buy and its impact on the high-end Ethernet market, new Juniper security software for applications, Arista financial results and component concerns, and more IT news.

The post Network Break 345: Marvell Acquires High-End Ethernet ASICs; Arista CEO Says Component Shortage ‘Worst I’ve Seen’ appeared first on Packet Pushers.

The Challenge – And Opportunity – Of Being A Niche AI Cloud

In this era of hyperscaler and cloud builder titans, their seven of whom account for about half of the IT infrastructure bought in the world, it is important to remember the importance of niches and the vital role that other makers of systems, other sellers of systems, and other renters of systems all play in the IT ecosystem.

The Challenge – And Opportunity – Of Being A Niche AI Cloud was written by Timothy Prickett Morgan at The Next Platform.

HPC Efficiency Gurus Grapple with AMD’s RAPL

Exascale-class energy efficiency cannot be defined by a simple number. Although Green500 energy efficiency HPC rankings provide a one-shot view into performance/efficiency, the complex interplay between large system operating systems, real-world applications, and the various tuning capabilities is worth digging into.

HPC Efficiency Gurus Grapple with AMD’s RAPL was written by Nicole Hemsoth at The Next Platform.

Tech Bytes: Pharma Distributor Ensures Uptime, App Performance With Aruba SD-WAN (Sponsored)

Today on the Tech Bytes sponsored podcast we're talking SD-WAN with Ascent Health & Wellness, a digital healthcare platform for pharmaceutical distribution. We discuss how the company deployed Aruba EdgeConnect to ensure uptime for critical pharmaceutical fulfillment services, speed up order processing, and provide robust performance for cloud-based business apps.

Tech Bytes: Pharma Distributor Ensures Uptime, App Performance With Aruba SD-WAN (Sponsored)

Today on the Tech Bytes sponsored podcast we're talking SD-WAN with Ascent Health & Wellness, a digital healthcare platform for pharmaceutical distribution. We discuss how the company deployed Aruba EdgeConnect to ensure uptime for critical pharmaceutical fulfillment services, speed up order processing, and provide robust performance for cloud-based business apps.

The post Tech Bytes: Pharma Distributor Ensures Uptime, App Performance With Aruba SD-WAN (Sponsored) appeared first on Packet Pushers.

Network certs 2021: Significant raises for the right ones

COVID-19 kicked off one of the most disruptive economic periods since World War II, and companies scrambled to shift business processes to the cloud to meet escalating digital demands. In fact, companies digitized many activities at a rate 20% to 25% faster than previously thought possible, according to research from McKinsey & Company.That acceleration has impacted the IT workforce: 85% of IT hiring managers say their hiring needs have changed, according to a survey by colocation provider INAP. This creates an opportunity for IT professionals who want to move ahead in their careers. Getting trained in key technologies can be a steppingstone not only to better pay but also to leadership jobs with more responsibilities.To read this article in full, please click here

Top Online Learning Websites

Online learning was on the rise for many years. However, the pandemic pushed this learning even further as people are now doing everything from their homes. After all, online is more effective, cheaper, and doesn’t require much time and effort than conventional education.

If you want to make use of this time to learn more, you are in the right place. Here are the top online learning websites for you to learn new skills.

1. Udemy

Udemy is one of the most popular online learning platforms out there. You can choose from more than a hundred thousand courses. That is why it is an ideal choice for people that want to diversify their education by learning new things.

Keep in mind that you will have to purchase a course and then start learning. However, courses are not too expensive and will not put a significant dent in your pocket. After each course, you get a completion certificate.

2. Skillshare

Skillshare is a highly diverse learning platform. It has more than twenty-thousand classes, and it offers a two-month free trial to all its users. After that, you can either pay $15 each month or $99 per year.

From lifestyle to music Continue reading

LISP – OMP – BGP EVPN Interoperability – Part VII: End-to-End Data-Plane Operation

 

Introduction

 

This chapter introduces Data-Plane operation and explains how the data packets from EP3 (IP 172.16.30.3) in Datacenter Fabric are forwarded via SD-WAN to EP1 (IP 172.16.100.10) in Campus Fabric. (1) EndPoint3 sends the ICMP Request packet to its gateway switch Leaf-11. Leaf-11 makes routing decisions based on the VRF NWKT routing table. Before forwarding the packet, Leaf-11 adds a VXLAN header where it uses L3VNI 10077. It also sets the outer IP header where it uses the Border-Leaf-13 tunnel interface’s IP address 192.168.50.13 as a destination. Spine-1 routes the packet to Border-Leaf-13 based on the outer IP address. Border-Leaf-13 notices that the destination IP address of the received IP packet belongs to its’s NVE1 tunnel interface. It removes the outer IP header and based UDP destination port it notices that this is VXLAN encapsulated packet. It knows that L3VNI 10077 belongs to VRF NWKT. It strips off the VXLAN header and routes the packet to vEdge-2. The ingress interface towards DC in vEdge-2 belongs to VPN 10. vEdge-2 consults its routing table. Based on it, vEdge-2 constructs tunnel headers and sends ICMP Request to vEdge-1 via Public-Internet using MPLS Label 1003 as a VPN identifier. Routers in Internet routes packet based on the outer destination IP address. When vEdge-1 receives the packet, it notices that the destination IP address is its’ Public IP address. It first removes the outer IP header. Then it checks the tunnel header. Based on the Label value 1003, it knows that packet belongs to VPN 10. It consults the VPN 10 RIB and routes the packet to Border-PxTR-13. The ingress interface on Border-PxTR-13 belongs to VRF 100_NWKT that belongs to LISP Instance 100. It checks the Instance 100 specific LISP mapping in order to know how it should route the packet. The LISP mapping Database does not contain the information because this is the first packet to destination 172.16.100.10. Border-PxTR-13 sends a LISP Map-Request message to MapSrv-22, which replies with a LISP Map-Reply message, where it describes the RLOC of Edge-xTR-11 that has registered the IP address 172.16.100.10. I have excluded the Map-Request/Reply processes from figure 6-1 to keep the figure simple. Border-Leaf-13 encapsulates the ICMP Request packet with a tunnel header. It sets the Instance-Id 100 on the VXLAN header and adds the outer IP header where it uses the Edge-xTR-11’s IP address 192.168.0.13 as a destination address. Core-1 routes the packet to Edge-xTR-11 based on the outer IP header destination address. Edge-xTR-11 processes the ingress IP packet because the destination IP address belongs to it. Based on the destination UDP port 4789, it knows that the following header is a VXLAN header. Edge-xTR-11 knows that the LISP Instance-Id 100 is bind to BD 100. Because Edge-xTR-11 has an L3 interface in BD 100, it resolves the MAC address for the IP address 172.16.100.10 from the ARP table and the egress interface for the MAC from the MAC address table. EP1 processes the ICMP Request packet and sends the ICMP Reply to EP3.


Figure 6-1:End-to-End Data-Plane Operation.

 

Continue reading
1 690 691 692 693 694 3,849