NetworkingNexus.net

Network Break 327: Cisco Embraces As-A-Service Procurement; Will Amazon Make Its Own ASICs?

Today's Network Break sifts through the most interesting news from Cisco Live 2021 including an as-a-service procurement model, support for biometric-based authentication, integrating ThousandEyes and AppDynamics, and more. We also examine reports that Amazon is designing its own switch ASIC, and discuss new research on harvesting power from 5G electromagnetic waves.

The post Network Break 327: Cisco Embraces As-A-Service Procurement; Will Amazon Make Its Own ASICs? appeared first on Packet Pushers.

CONTAINERlab

CONTAINERlab is a Docker orchestration tool for creating virtual network topologies. This article describes how to build and monitor the leaf and spine topology shown above.

Note: Docker testbed describes a simple testbed for experimenting with sFlow analytics using Docker Desktop, but it doesn't have the ability to construct complex topologies.

multipass launch --cpus 2 --mem 4G --name containerlab
multipass shell containerlab

The above commands use the multipass command line tool to create an Ubuntu virtual machine and open shell access.

sudo apt update
sudo apt -y install docker.io
bash -c "$(curl -sL https://get-clab.srlinux.dev)"

Type the above commands into the shell to install CONTAINERlab.

Note: Multipass describes how to build a Mininet network emulator to experiment with software defined networking.

name: test
topology:
  nodes:
    leaf1:
      kind: linux
      image: sflow/frr
    leaf2:
      kind: linux
      image: sflow/frr
    spine1:
      kind: linux
      image: sflow/frr
    spine2:
      kind: linux
      image: sflow/frr
    h1:
      kind: linux
      image: alpine:latest
    h2:
      kind: linux
      image: alpine:latest
  links: 
    - endpoints: ["leaf1:eth1","spine1:eth1"]
    - endpoints: ["leaf1:eth2","spine2:eth1"]
    - endpoints: ["leaf2:eth1","spine1:eth2"]
    - endpoints: ["leaf2:eth2","spine2:eth2"]
    - endpoints: ["h1:eth1","leaf1:eth3"]
    - endpoints: ["h2:eth1","leaf2:eth3"]

The test.yml file shown above specifies the topology. In this case we are using FRRouting (FRR) containers for the leaf Continue reading

It’s Not What You Say. It’s How You’re Heard.

In written communication, technical people can sometimes come across as impolite. I see this on Slack (talking down), Twitter (the angry tweeter), in emails (blunt and terse), in blog comments (bitter sarcasm or pedantry), Hacker News discussions (aggressive confrontation), and other places IT builders gather online.

Perhaps you, as just such a technical person, don’t mean to be impolite. Maybe your focus is on efficiency. Get to the point. Say what needs saying, however it comes out. Click send. Job done. Go back to facepalming at the Swagger docs explaining this ill-considered API you need to use.

Here’s the problem with your communications approach. To the person receiving your missive, you might sound like you’re upset. Or tone-deaf. Or maybe just a jerk. You’re presumably none of those things, at least not intentionally. We’re all nice folks who want to get along with our fellow humans, right?

It’s not what you say. It’s how you’re heard.

You need to communicate in such a way that you’re heard as you mean to be heard. If you’re not good at this and want to be, you can improve your messaging.

Before hitting send, engage in role reversal. If you received a Continue reading

The Week in Internet News: Biden Wants Broadband for All

Filling the gaps: U.S. President Joe Biden has proposed spending $100 billion over eight years to bring broadband to all areas of the country, CNet reports. The broadband spending is part of a $2.25 trillion infrastructure proposal, which would also include repair of roads and bridges and improvements to the water supply and electrical grids. […]

The post The Week in Internet News: Biden Wants Broadband for All appeared first on Internet Society.

Tools 6. Where are my packets lost? MTR edition.

Hello my friend,

after show pause we continue our blog series about the most popular network troubleshooting tools, which humankind has ever created. Today we’ll take a look at one of the most useful tool to obtain the information about the path between two endpoints and possible packet drops over that path. Ladies and gentlemen, please, welcome MTR.


1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Can automation help with figuring what happened where?

In case of the infrastructure problems (networks, servers, VMs, containers), the time matters a lot. The quicker we can find the issue and fix that, the better it will be for our applications and our customers. Automation without doubts one of the key components, which allows you to quickly find and fix your issues.

In our trainings, the Live Network Automation Training (10 weeks) and Automation with Nornir (2 weeks), we explore a lot of real use cases, where the automation helps you to validate the state of you Continue reading

Building Unnumbered Ethernet Lab with netlab

Last week I described the new features added to netsim-tools release 0.4, including support for unnumbered interfaces and OSPF routing. Now let’s see how I used them to build a multi-vendor lab to test which platforms could be made to interoperate when running OSPF over unnumbered Ethernet interfaces.

This blog post has been updated to use the new netlab CLI introduced in netsim-tools release 0.8 and new IPAM features introduced in release 1.0
netsim-tools project has been renamed to netlab.

Building Unnumbered Ethernet Lab with netsim-tools

I needed to define an unnumbered addressing pool first:

addressing:
  core:
    unnumbered: true

I wanted to run OSPF on all devices in the lab:

module: [ ospf ]

5G is Here: A Call for Shared Responsibility with Cybersecurity

The key factor for the organizations that thrive amidst the 5G revolution will be those that understand and take a shared responsibility towards protecting the assets on the network.

Controversial Reads 040321

please note I do not necessarily agree with anything contained in the articles linked here, nor do I necessarily support any of the sites I link to—I gather these links because I think they are interesting and present an interesting point of view worth hearing

Join us as we talk with Michael about the attention economy and its impact on the rise of everything from influencers to QAnon and its consequences on belief, facts and democracy.

As stated earlier, o.com along with most of the single-character .com labels were registered by Dr. Postel on December 1, 1993 as a way of reserving these domain names for a since-unrealized potential development path for the Internet’s Domain Name System (DNS).

But it strains credulity to believe random tweets can lead otherwise normal people to drive across the country and stage an insurrection. That places an undue focus on misinformation itself, rather than on the people and institutions sharing it and on the people who choose to access and believe it.

Mark Zuckerberg, Sundar Pichai and Jack Dorsey will visit with Congress today, as each has multiple times since last October, to testify about the spread of misinformation (gossip, mistakes and lies) Continue reading

BiB100: Zero Trust With Araali Networks

Today’s briefing summary is about startup Araali Networks, one of the most interesting startups we’ve chatted with in a while. Abhishek Singh, CEO and co-founder, gave Ethan Banks and Drew Conry-Murray at Packet Pushers an overview of their approach to modern application security on March 31, 2021.

BiB100: Zero Trust With Araali Networks

The post BiB100: Zero Trust With Araali Networks appeared first on Packet Pushers.

It’s time for Enterprise Cloud Networking

It’s time to get things cranking here again and a big topic is going to be enterprise cloud networking. What I mean by that in simple terms is how an enterprise can use the networking services of cloud providers to build, migrate, and run their most important applications in the cloud.

Over the last 6 years a lot has happened in the shift to public cloud. I don’t need to explain that to you. We already know that building and migrating applications in/to the cloud is what the world is doing – and for reasons that no longer need explaining.

What’s more interesting now is that the term “the cloud” used to mean one thing: Amazon Web Services. Six years ago, when you said to somebody, “Yeah, so, we are going to migrate this application to the cloud.” – nobody asked what cloud you were talking about and why.

And in the very same stride “cloud networking” implied AWS Networking. If you told somebody that you were a cloud network architect, nobody questioned that either. It meant that you knew AWS VPC, Direct Connect, Route 53, NAT Gateways, Security Groups, VPC subnets and route tables, the various AWS instances Continue reading

Shining a Light on IT Operations Metrics

Massive amounts of data streaming out of the systems can help IT administrators and others keep up to date about that performance and the overall end-user experience.

Nokia Lab | LAB 1 Basic |

Introduction

Hi there!

I'm starting a series of notes focused on Nokia SR-OS labs. It's a part of my preparing for NRSII and SRA.

Some input points:

Labs contain: tasks and questions, topology, final configs, useful debug commands, and different tips;

It’s not a lab guide. it’s just my notes which may be useful for someone. I will try to give the right structure of labs and ask reasonable questions. But you can use them as a reference for your own labs. Change everything and have fun :)

I make more emphasis on structure and coverage than explanation and step-by-step configuration. In my opinion, step-by-step guides or Youtube tutorials are unuseful for exam preparing or learning something. It's looking like entertainment content. So I don't provide answers, CLI outputs, debug outputs, traffic dumps. I'm sure you should try it yourself.

I use TiMOS-B-12.0.R6 (It’s temporary)

Topology example

Lab tasks and questions:

card provisioning

provision card and MDA
examine card and MDA status
examine card and MDA detail info

ports configuration

enable ports

examine ports status

What is a default port mode?

What’s a default port MTU for every port mode?

L3 interface configuration(ipv4 and ipv6)

create Continue reading

Weekend Reads 040221

The Atlas, launched in July, contains data on more than 7,000 surveillance programs—including facial recognition, drones, and automated license plate readers—operated by thousands of local police departments and sheriffs’ offices nationwide.

Power management may not be at the top of anyone’s priority list when they think about cybersecurity. But to quote the famous words of Bob Dylan: “The times, they are a-changin’.”

Three years ago, Spectre changed the way we think about security boundaries on the web. It quickly became clear that flaws in modern processors undermined the guarantees that web browsers could make about preventing data leaks between applications.

With a growing number of threat sources and successful cybersecurity attacks, organizations find themselves in a tricky spot if they wish to survive cyberspace.

Until the (more or less) recent explosion of new DNS RFCs (aka the ‘DNS Camel’, loosely referring to the straw that broke the camel’s back), I used to think of the DNS as something similar to chess, with a fairly simple set of rules that developed into complex systems when deployed.

As I write this, the world is probably days away from the “Great Email Robbery,” where a large number of threat actors around the Continue reading

Heavy Networking 571: Network Automation Workflows With Jenkins

Today on Heavy Networking, we talk about how to roll your own network automation workflow. Guest Steve Puluka has developed an automation workflow system that uses GitLab and Jenkins, among other tools, to make sure the network devices he supports are pure gold. We talk about how it works, and how you can put your own together.

Heavy Networking 571: Network Automation Workflows With Jenkins

The post Heavy Networking 571: Network Automation Workflows With Jenkins appeared first on Packet Pushers.

Technology Short Take 139

Welcome to Technology Short Take #139! This Technology Short Take is a bit heavy on cloud, OS, and programming topics, but there should be enough other interesting links to be useful to plenty of folks. (At least, I hope that’s the case!) Now, let’s get on to the content!

Networking

Tony Mackay has a tutorial showing how to use Traefik to rate-limit requests to a WordPress instance.
Ali Al Idrees has a post on using NSX ALB (formerly Avi Networks) with Kubernetes clusters in a vSphere with Tanzu environment.
This post provides some examples of shared control planes (and thus shared failure domains) within networking.
In this post, Jakub Sitnicki digs way deep into the Linux kernel to uncover the answer to the question, “Why are there no entries in the conntrack table for SYN packets dropped by the firewall?” Get ready to get nerdy!
This article on eBPF and Isovalent (the company behind the Cilium CNI plugin for Kubernetes) has some statements with which I agree, and some that don’t make sense to me. For example, I agree with the statement that the “impact eBPF will have on networking, security and observability will be widespread”. However, Continue reading

Arm’s latest: A CPU design to better serve AI, ML

Arm Holdings has introduced the Armv9 microarchitecture, the first overhaul of its CPU architecture in a decade, with heavy emphasis on security and all things artificial intelligence (AI) and machine learning (ML).Arm, for the unfamiliar, does not make CPUs like Intel and AMD. It makes basic architectural designs that licensees modify with their own special technological sauce. It makes variances for high-performance, mobile, embedded, and edge/cloud.[Get regularly scheduled insights by signing up for Network World newsletters.] As part of Arm’s Vision Day event earlier this week, the company announced the first details of the Armv9 architecture, with more to come later this year. The company has to tread cautiously as it is in the process of being acquired by Nvidia, and forces are lining up to oppose the deal.To read this article in full, please click here

Arm’s latest: A CPU design to better serve AI, ML

« Previous 1 … 702 703 704 705 706 … 3,785 Next »