Bangkok’s Neutral Peering Hub Scales Its Capacity

Bangkok Neutral Internet Exchange (BKNIX) recently expanded its Internet exchange capacity thanks to outstanding carrier-class equipment provided by the Internet Society In 2015, Bangkok Neutral Internet Exchange (BKNIX) was launched with the ambition to fix slow Internet, improve online experience for users, and lower the cost of Internet access for people in Thailand. BKNIX knew […]

The post Bangkok’s Neutral Peering Hub Scales Its Capacity appeared first on Internet Society.

What is gNMI?

A few weeks ago we released an episode on the fundamentals of gRPC. And while programmatic interfaces are excellent tools for network automation, often that is only the beginning of the story. That’s no exception with gRPC. In this episode we continue down the path of that gRPC conversation and into gNMI, a standards based approached to programmatic interaction with network devices utilizing gRPC. We discuss what it is, how it works, and where it stands in today’s fast moving environment.

Relevant Links:

Nick Russo

Guest

Roman Dodin

Guest

Tony Efantis

Host

Jordan Martin

Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post What is gNMI? appeared first on Network Collective.

Fundamentals: Is Switching Latency Relevant?

One of my readers wondered whether it makes sense to buy low-latency switches from Cisco or Juniper instead of switches based on merchant silicon like Trident-3 or Jericho (regardless of whether they are running NX-OS, Junos, EOS, or Linux).

As always, the answer is it depends, but before getting into the details, let’s revisit what latency really is. We’ll start with a simple two-node network.

Fundamentals: Is Switching Latency Relevant?

As always, the answer is it depends, but before getting into the details, let’s revisit what latency really is. We’ll start with a simple two-node network.

Cut-Through Switching Isn’t A Thing Anymore

So, cut-through switching isn’t a thing anymore. It hasn’t been for a while really, though in the age of VXLAN, it’s really not a thing. And of course with all things IT, there are exceptions. But by and large, Cut-through switching just isn’t a thing.

And it doesn’t matter.

Cut-through versus store-and-forward was a preference years ago. The idea is that cut-through switching had less latency than store and forward (it does, to a certain extent). It was also the preferred method, and purchasing decisions may have been made (and sometimes still are, mostly erroneously) on whether a switch is cut-through or store-and-forward.

In this article I’m going to cover two things:

Why you can’t really do cut-through switching
Why it doesn’t matter that you can’t do cut-through switching

Why You Can’t Do Cut-Through Switching (Mostly)

You can’t do cut-through switching when you change speeds. If the bits in a frame are sent at 10 Gigabits, they need to go into a buffer before they’re sent over a 100 Gigabit uplink. The reverse is also true. You can’t stuff a frame that’s piling into an interface 10 times faster than it’s sending (though it’s not slowed down).

So any switch Continue reading

VMware, Dell split to form independent firms

After many months of wrangling, Dell Technologies says it is spinning off its ownership of VMware to create two standalone companies.While it gives both companies more financial freedom, the new relationship should have no immediate effect on enterprise customers, but that could come down the road.VMware CEO Gelsinger moves to Intel Dell has had an 81% equity ownership of VMware since its 2016, $67 billion purchase of EMC, which owned VMware. Under terms of the planned spin-off, VMware will distribute a cash dividend of $11.5 - $12 billion to all VMware shareholders, which includes about $9.7 billion to Dell Technologies, the companies stated.To read this article in full, please click here

CNCF Adopts Ambassador’s API Gateway, Emissary Ingress

The Ambassador and created by Datawire, Emissary Ingress is the open source core behind the Ambassador Labs founder and CEO

SD-WAN Part IV: MPLS Network with IS-IS Segment Routing as SD-WAN Transport

Introduction

In order to have IP connectivity between hosts A and B over the underlay transport network, we need to build a tunnel (IPSec or GRE) between the Public IP addresses of vEdge devices (TLOC Routes). Then we also need VPN-specific subnet routing information (OMP Routes) to be able to route traffic over the tunnel. This chapter discusses the role and operation of various protocols involved in Control Plane operations when an MPLS Transport network is used as an Underlay Network for SD-WAN solution. The first section introduces the Segment Routing solution for building a Label Switch Path (LSP) between PE routers over the MPLS backbone by using the IS-IS routing protocol for both routing and label distribution. The second section explains how to build L3VPN between vEdge Public IP addresses over the LSP. Figure 4-1 shows the high-level routing model used in this chapter.

Figure 4-1: Control Plane Model.

Cloud Networking Startup Alkira Spins Up In Azure Marketplace

Cloud networking startup Alkira announced that it’s been selected for the “Microsoft for Startups” program. Microsoft offers the program to emerging companies to provide “technology and business support designed to help B2B startups quickly scale.” As part of the program, Alkira will get ecosystem support from Microsoft such as “access to technical, sales and marketing […]

The post Cloud Networking Startup Alkira Spins Up In Azure Marketplace appeared first on Packet Pushers.

Day Two Cloud 093: Application Modernization With VMware (Sponsored)

Today’s Day Two Cloud tackles application modernization with sponsor VMware. As new application platforms such as containers and the public cloud take hold, organizations need to examine their application portfolio to figure out how applications are meeting business requirements—and how they aren’t. The point of app modernization is to determine whether a new approach and... Read more »

Day Two Cloud 093: Application Modernization With VMware (Sponsored)

The post Day Two Cloud 093: Application Modernization With VMware (Sponsored) appeared first on Packet Pushers.

Security Power Block Series: Secure Your Data Center with NSX Firewall

We get it. The world of network security is changing, and it’s hard to keep up. Between your regular duties, pressure to adapt to changing realities, and pandemic stress on both your work and home life, it’s a challenge to find the time to build new skills.

Understanding that your time is precious, we’ve created a series of succinct, 30-minute, security-focused webinars that take a deep dive into the topics, strategies, and techniques you need to know. The four sessions in our Security Power Block Series will explore the new security landscape, how our unique architecture is ideal for protecting East-West traffic from modern security threats, and real-world use cases you can use to operationalize your data center security at scale.

You can register for one, two, three, or all sessions at once and you’ll automatically receive invitations with session links that you can add directly to your calendar. Staying informed — and learning new skills — couldn’t be easier.

Network Segmentation Made Easy

April 14, 2021
10:00 a.m. PT

Zoning or segmenting data center networks into manageable chunks Continue reading

Taking control of your Ubuntu desktop

You may have a lot more control over your Ubuntu desktop than you know. In this post, we'll look into what you should expect to see by default and how you can change that.Most Linux desktops start out charmingly uncluttered. They display a handful of icons on an attractive background. These include shortcuts for launching applications, generally along the left side or bottom of the screen, and maybe another icon or two in the otherwise open area.The uncluttered desktop is generally a good thing. You can open folders using your file manager and move around to any group of files that you need to use or update. By changing a setting on Ubuntu (and related distributions), however, you can also set up your system to open with a specified set of files in view – and you don't have to move them into your Desktop folder to do so.To read this article in full, please click here

Automating ServiceNow with Red Hat Ansible Automation Platform

IT service management (ITSM) is a collection of policies and processes for the management and support of IT services. The main focus of ITSM is increasing the value of the customers’ service chain. But without the proper automation support, providing IT services can quickly become a major time-sink.

This is where the Red Hat Ansible Automation Platform and the Red Hat Ansible Certified Content Collection for ServiceNow come into play. Ansible Automation (with some help from existing Ansible content) can automate just about any task, while the modules from this Certified Collection allow us to keep the ServiceNow information up to date.

This Collection was designed and developed by the XLAB Steampunk team in close collaboration with Red Hat Ansible, specifically keeping end-users in mind. ServiceNow modules have an intuitive user interface backed by a robust implementation, offering support for things Ansible users expect (e.g., check mode and change detection).

In this post, we will look at a few sample Ansible Playbooks that take care of essential tasks such as:

Updating incidents, problems, and change requests
Updating the ServiceNow configuration management database (CMDB)
Using the CMDB as an inventory source

Installing the Certified Content Collection for ServiceNow

We Continue reading

Netsim-tools Release 0.5 Work with Containerlab

TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.

Why does it matter? Lab setup is blindingly fast, and it’s easier to integrate your network devices with other containers, not to mention the crazy idea of running your network automation CI pipeline on Gitlab CPU cycles. Also, you could use the same netsim-tools topology file and provisioning scripts to set up container-based or VM-based lab.

What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…

Netsim-tools Release 0.5 Work with Containerlab

TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.

What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…

Captain Take 5 – Nuno do Carmo

Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what their best Docker tip is to whether they prefer cats or dogs (personally, we like whales and turtles over here). Today, we’re interviewing Nuno do Carmo who has been a Docker Captain since 2019. He is a Sr System Analyst for a pharmaceutical company based in Switzerland and he is based in Montreux.

How/when did you first discover Docker?

Back in 2015, I was hanging with friends and we would meet once a week to check on technologies and we found out a training on Pluralsight, given by a certain Nigel Poulton, and we decided to “temporarily” download it, **cough**.

Both the training method from Nigel and the technology of Docker were an instant hit for us. We started to learn as hobbyists and fast forward, I guess I took it more at heart than my friends, haha.

What is your favorite Docker command?

`docker Continue reading

Making Firefox on Linux use Private Browsing by Default

While there are a couple different methods to make Firefox use private browsing by default (see this page for a couple methods), these methods essentially force private browsing and disable the ability to use “regular” (non-private) browsing. In this post, I’ll describe what I consider to be a better way of achieving this, at least on Linux.

It’s possible this method will also work on Windows, but I haven’t tested it. If anyone gets a chance to test it and let me know, I’ll update this post and credit you accordingly. Just hit me on Twitter and let me know what you’ve found in your testing. I’ve also only tested this on Fedora, but it should be the same or very similar for any distribution that uses GNOME.

GNOME uses the idea of “desktop files” (typically found in /usr/share/applications or ~/.local/share/applications) to enable the launching of applications via the Activities screen or other mechanisms. (For more information on desktop files, see here.) These desktop files specify where the executable is found, what command-line parameters to use, what icon to use, what name the application should go by, etc. Desktop files also allow application developers or users Continue reading

In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video

Zig Zsiga and Ethan Banks talk through use cases for the sometimes maligned EIGRP, a popular choice in Cisco networks for decades. The conversation covers EIGRP design basics, the stuck-in-active problem, stub routing, and RFC7868. Comparisons are made to how OSPF design differs to accomplish similar goals. This was originally published as an audio-only podcast […]

The post In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video appeared first on Packet Pushers.

Defense in Depth: The First Step to Security Certainty

Allen McNaughton Allen is the Director of Technical Sales, Public Sector at InfoBlox. He has over 20 years of experience in developing security solutions for service providers, public sector and enterprise customers. Bad actors are constantly coming up with ways to evade defensive techniques put in place by government agencies, educational institutions, healthcare providers, companies and other organizations. To keep up, network security needs what’s known as “defense in depth” — a strategy that leverages different security solutions to provide robust and comprehensive security against unauthorized intruders. Think about securing your house — locks on your doors only protect your doors. But if you have locks on your doors and windows, a high fence, security cameras, an alarm system and two highly trained guard dogs, you have what we call “defense in depth.” The same goes for networks. When it comes to building a defense-in-depth strategy for your network, the first and most important feature is visibility — knowing what is on your network. Why Visibility? Because You Can’t Protect What You Can’t See If you can’t see it, you can’t protect it — it’s obvious if you think about it. Without understanding the devices, hardware, software and traffic Continue reading

« Previous 1 … 695 696 697 698 699 … 3,785 Next »