0

The Effectiveness of AS Path Prepending (2)

Last week I began discussing why AS Path Prepend doesn’t always affect traffic the way we think it will. Two other observations from the research paper I’m working off of are:

• Adding two prepends will move more traffic than adding a single prepend
• It’s not possible to move traffic incrementally by prepending; when it works, prepending will end up moving most of the traffic from one inbound path to another

A slightly more complex network will help explain these two observations.

Assume AS65000 would like to control the inbound path for 100::/64. I’ve added a link between AS65001 and 65002 here, but we will still find prepending a single AS to the path won’t make much difference in the path used to reach 100::/64. Why?

Because most providers will have a local policy configured—using local preference—that causes them to choose any available customer connection over other paths. AS65001, on receiving the route to 100::/64 from AS65000, will set the local preference so it will prefer this route over any other route, including the one learned from AS65002. So while the cause is a little different in this case than the situation covered in the first post, the result is the Continue reading

0

VMware Wins 2021 Global InfoSec Award as Market Leader in Firewall 

Today at RSA Conference 2021, we’re excited to announce that VMware is a winner of the CyberDefense Magazine 2021 Global InfoSec Award as Market Leader in Firewall.  One of VMware’s core beliefs is that we need structural and architectural changes to how organizations approach security. This means taking a fresh look at how we approach issues such as internal data center security. This is exactly what led us to deliver the VMware NSX Service-defined Firewall.

The NSX Service-defined Firewall is one of the foundations of VMware Security. This solution is a unique distributed, scale-out internal firewall that protects all east-west traffic across all workloads without network changes. This radically simplifies the security deployment model. It includes a distributed firewall, advanced threat protection, and network traffic analytics. With the VMware NSX Service-defined Firewall, security teams can protect their organizations from cyberattacks that make it past the traditional network perimeter and attempt to move laterally. Its key differentiating capabilities include:

• Distributed, granular enforcement: The NSX Service-defined Firewall provides distributed and granular enforcement of security policies to deliver protection down to the workload level, eliminating the need for network changes.
• Scalability and throughput: Because it is distributed, the Service-defined Firewall is elastic, Continue reading

0

How Quantcast Navigated the Cloud TCO Conundrum

Imagine a platform that hits a database with over a trillion online signals in a 100ms window and scores ML models over one million times per second to deliver near-real time results across over 100 million destinations. …

How Quantcast Navigated the Cloud TCO Conundrum was written by Nicole Hemsoth at The Next Platform.

0

Pure Storage inches toward a cloud business model

Pure Storage is upgrading to its Portworx Enterprise software that improves the scale of Kubernetes while simplifying the process of supporting multiple platforms.Portworx Enterprise 2.8 features new integrations across Pure’s line of products and services and with VMware Tanzu, VMware’s container-orchestration software. It comes with dynamic storage provisioning on Pure’s FlashArray and FlashBlade hardware and offers unified visibility and support via Pure1, Pure’s AI-drive operations software. Read about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space This allows volumes and file systems to be provisioned using Kubernetes without the need to directly interface with the backing storage arrays. That means containerized workloads can run seamlessly across the cloud, bare metal infrastructure, Pure Storage arrays, and even storage solutions from other vendors.To read this article in full, please click here

0

Pure Storage inches toward a cloud business model

Pure Storage is upgrading to its Portworx Enterprise software that improves the scale of Kubernetes while simplifying the process of supporting multiple platforms.Portworx Enterprise 2.8 features new integrations across Pure’s line of products and services and with VMware Tanzu, VMware’s container-orchestration software. It comes with dynamic storage provisioning on Pure’s FlashArray and FlashBlade hardware and offers unified visibility and support via Pure1, Pure’s AI-drive operations software. Read about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space This allows volumes and file systems to be provisioned using Kubernetes without the need to directly interface with the backing storage arrays. That means containerized workloads can run seamlessly across the cloud, bare metal infrastructure, Pure Storage arrays, and even storage solutions from other vendors.To read this article in full, please click here

0

Tech Resume Library: 27 downloadable templates for IT pros

A well-crafted resume will attract recruiters, HR pros and hiring managers, but getting it just right is a daunting task. To jump start the process, Insider Pro has assembled this collection of real resumes revamped by professional resume writers. (Watch this space for new templates.)

0

The Week in Internet News: U.S. Rolls Out Broadband Subsidy

Help is on the way: The U.S. government is offering a $50-a-month broadband subsidy for people who took a financial hit during the COVID-19 pandemic, CNet reports. The subsidies are part of a COVID-19 relief package passed by Congress in December. More than 825 broadband providers, including AT&T, Comcast and Verizon, are participating. Online soldiers: An […]

The post The Week in Internet News: U.S. Rolls Out Broadband Subsidy appeared first on Internet Society.

0

IoT helps make return-to-work safer

With more employees preparing to return to company offices at least part of the time, businesses have turned their attention to ensuring the safety of workers—given the ongoing Covid-19 pandemic. In some cases, Internet of Things (IoT) and networking technologies are playing a key role in these efforts.In fact, organizations might make decisions on when and how to bring workers back based on how well they can monitor them and their behavior using these tools.To read this article in full, please click here

0

netsim-tools release 0.6.2

Last week we pushed out netsim-tools release 0.6.2. It’s a maintenance release, so mostly full of bug fixes apart from awesome contributions by Leo Kirchner who

• Made vSRX 3.0 work on AMD CPU (warning: totally unsupported).
• Figured out how to use vagrant mutate to use virtualbox version of Cisco Nexus 9300v Vagrant box with libvirt

Other bug fixes include:

• Numerous fixes in Ansible installation playbook
• LLDP on all vSRX interfaces as part of initial configuration
• Changes in FRR configuration process to use bash or vtysh as needed
• connect.sh executing inline commands with docker exec

0

netsim-tools release 0.6.2

Last week we pushed out netsim-tools release 0.6.2. It’s a maintenance release, so mostly full of bug fixes apart from awesome contributions by Leo Kirchner who

• Made vSRX 3.0 work on AMD CPU (warning: totally unsupported).
• Figured out how to use vagrant mutate to use virtualbox version of Cisco Nexus 9300v Vagrant box with libvirt

Other bug fixes include:

• Numerous fixes in Ansible installation playbook
• LLDP on all vSRX interfaces as part of initial configuration
• Changes in FRR configuration process to use bash or vtysh as needed
• connect.sh executing inline commands with docker exec

0

Ancient Tech for a Modern Threat: Can Tape Backup Foil Ransomware?

By diversifying your backups, you are increasing the chances of having one left in the unfortunate event ransomware comes knocking.

0

How to Make Friends at Work

Do you have a few people at work that you can trust?

Having friends at work is more important than you think. Research suggests that being part of a close group in the workplace leads to higher levels of employee productivity, motivation, and loyalty towards the organization. 

But what if you are an introvert, or are simply having trouble trying to fit into the new workplace? The good news is that there are always ways that you that make friends at work. If you think fitting in at work is far too difficult for you, we recommend trying the following tips. 

1. Listen Closely. 

The first step towards making friends at work is being a great listener. There is always an unspoken office culture being followed – whether that’s certain inside jokes, bringing cakes for birthdays, methods of greeting, or even nicknames for certain people. You should also carefully observe how everybody communicates with one another. Do they prefer emails, or do they have a group chat? By listening closely, you become better aware of how things work around the office and you can easily start fitting into place. 

2. Greet Everybody.

An easy way to Continue reading

0

Networking Interviews – How to Ask Good Questions

I’m not sure if it’s just us in networking/IT, or people leading interviews in general (probably the latter), but we have a tendency to ask really bad questions in interviews. Often the questions revolve around factoids or things that need to be memorized. Some interviewers will even intentionally try to “trick” you. This is a really bad way of conducting an interview and will guaranteed lead to poor results. Instead of asking someone to quote an RFC, you should focus on asking open-ended questions and even guide the candidate if they are getting stuck on something. Why?

Reasoning – You want to see how people reason their way to answering a question. What is their thought process? Asking the administrative distance of BGP will just give you back a one-sentence answer or no answer at all. You can learn much more about someone’s skill level if you give them some clues and see if they can take the discussion forward. Are they comfortable asking you for input? Are they comfortable saying that they don’t know something?

Remove tension – Most, if not all, people are somewhat nervous when being interviewed. You want get an accurate representation of their skill so Continue reading

0

Worth Reading: Rethinking Internet Backbone Architectures

Johan Gustawsson wrote a lengthy blog post describing Telia’s approach to next-generation Internet backbone architecture… and it’s so refreshing seeing someone bringing to life what some of us have been preaching for ages:

• Simplify the network;
• Stop cramming ever-more-complex services into the network;
• Bloated major vendor NPUs implementing every magic ever envisioned are overpriced – platforms like Broadcom Jericho2 are good enough for most use cases.
• Return from large chassis-based stupidities to network-centric high availability.

I don’t know enough about optics to have an opinion on what they did there, but it looks as good as the routing part. It would be great to hear your opinion on the topic – write a comment.

0

Worth Reading: Rethinking Internet Backbone Architectures

Johan Gustawsson wrote a lengthy blog post describing Telia’s approach to next-generation Internet backbone architecture… and it’s so refreshing seeing someone bringing to life what some of us have been preaching for ages:

• Simplify the network;
• Stop cramming ever-more-complex services into the network;
• Bloated major vendor NPUs implementing every magic ever envisioned are overpriced – platforms like Broadcom Jericho2 are good enough for most use cases.
• Return from large chassis-based stupidities to network-centric high availability.

I don’t know enough about optics to have an opinion on what they did there, but it looks as good as the routing part. It would be great to hear your opinion on the topic – write a comment.

0

Controversial Reads 051521

Apple’s long-awaited privacy update for iOS is out, and it’s a solid step in the right direction.

A little over a year into the COVID-19 pandemic, our reliance on private, safe, and secure communication has become more critical than ever.

Today, the “datasphere”, or the volume of data in the world – is estimated to be over 60 Zettabytes. We even have a term for it: Big Data.

Last year, Facebook created its widely dubbed “Supreme Court” (officially the Oversight Board) in an effort to outsource some of the platform’s most difficult content decisions.

Just stop. Stop telling us why your 5G network is the very best and fastest and most reliable. Stop running commercials about how life-changing your 5G network is.

Founded in 1987 by Chinese native Morris Chang, Taiwan Semiconductor Manufacturing Company (TSMC) was the first “pure play” foundry, a manufacturer of integrated circuits designed by other companies.

Everyday, your personal information is being harvested by your smart phone applications, sold to data brokers, and used by advertisers hoping to sell you things.

One skill he focuses on is abduction, which was Sherlock Holmes’s favorite method.

Yesterday, The Epoch Times reported on leaked internal Chinese government documents revealing Continue reading

0

AWS DeepLens and Telegram saving bird’s food and plants from my Dog!

Weekend project after a while!. Not Long ago, I did mention that my cute Dog is responsible for destructing most of the wall and paper, when enquired pro’s said its part of puppy growing up and it still needs time.Along with Dog, I personally would love to feed and enjoy petting other species to be honest out of which birds and plants are major, there are earthworms and sea life but Dog is not a threat to them based on the placement.

Links

Git: https://github.com/yukthr/auts/tree/master/aws_deeplens

Credits: Some of the code block is picked up from : https://aws.amazon.com/blogs/machine-learning/building-a-smart-garage-door-opener-with-aws-deeplens-and-amazon-rekognition/

Tripod stand: https://www.amazon.co.uk/gp/product/B08FGSV9CZ/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1

Deeplens : https://www.amazon.co.uk/AWS-DeepLens-2nd-Generation-learning-enabled/dp/B07KYLSRZM/ref=sr_1_1?crid=36ZDKLZ7XF7Q3&dchild=1&keywords=deeplens&qid=1621074882&sprefix=deeplens%2Celectronics%2C156&sr=8-1

AWS DeepLens

https://aws.amazon.com/deeplens/ – Is ML/AI enabled camera which can be used at edge inferencing. Slipping down to my usual choice of words, this piece of equipment has an onboard camera , a Gpu , a Cpu and ubuntu host OS. Easily integrates with AWS and runs a local Lambda for inferencing, hence decisions are made on the device instead of reaching out to AWS to do the logic.

What is the problem!

There is a small garden at the rear of the Continue reading

0

Worth Exploring: Magic Carpet

John Capobianco recently released his Magic Carpet: a tool that helps you gather information from network devices without the usual Ansible bloat and glacial speed.

Believing in “no job is finished until the paperwork is done”, he wrote extensive documentation, and recorded a collection of videos describing the tool’s functionality – definitely worth reading, watching, and exploring.

0

‘FragAttack’ flaws threaten Wi-Fi, but not too seriously

Almost all Wi-Fi is potentially vulnerable to flaws that date back to 1997 when it became commercially available, but even the person who discovered the weaknesses says some of them are difficult to exploit. Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who’s the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for Mathy Vanhoef, a post-doctoral student at NYU Abu Dhabi, has created attacks—FragAttacks—that take advantage of the vulnerabilities, but in an academic paper about them, says the most widespread vulnerabilities can be exploited only under specific, rare conditions, and require either user interaction or highly unusual configurations to succeed.To read this article in full, please click here

0

‘FragAttack’ flaws threaten Wi-Fi, but not too seriously

Almost all Wi-Fi is potentially vulnerable to flaws that date back to 1997 when it became commercially available, but even the person who discovered the weaknesses says some of them are difficult to exploit. Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who’s the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for Mathy Vanhoef, a post-doctoral student at NYU Abu Dhabi, has created attacks—FragAttacks—that take advantage of the vulnerabilities, but in an academic paper about them, says the most widespread vulnerabilities can be exploited only under specific, rare conditions, and require either user interaction or highly unusual configurations to succeed.To read this article in full, please click here