Reader Question: What Networking Blogs Would You Recommend?
A junior networking engineer asked me for a list of recommended entry-level networking blogs. I have no idea (I haven’t been in that position for ages); the best I can do is to share my list of networking-related RSS feeds and the process I’m using to collect interesting blogs:
Infrastructure
- RSS is your friend. Find a decent RSS reader. I’m using Feedly – natively in a web browser and with various front-ends on my tablet and phone (note to Google: we haven’t forgotten you killed Reader because you weren’t making enough money with it).
- If a blog doesn’t have an RSS feed I’m not interested.
Reader Question: What Networking Blogs Would You Recommend?
A junior networking engineer asked me for a list of recommended entry-level networking blogs. I have no idea (I haven’t been in that position for ages); the best I can do is to share my list of networking-related RSS feeds and the process I’m using to collect interesting blogs:
Infrastructure
- RSS is your friend. Find a decent RSS reader. I’m using Feedly – natively in a web browser and with various front-ends on my tablet and phone (note to Google: we haven’t forgotten you killed Reader because you weren’t making enough money with it).
- If a blog doesn’t have an RSS feed I’m not interested.
Gelsinger Leads Emboldened Intel With Ice Lake Launch
The past several years haven’t been easy on Intel. The world’s top processor maker stumbled on its transition from 14 nanometer to 10 nanometer manufacturing and still finds itself behind rivals like AMD and Arm, which have made the move to 7 nanometer processes and which have line of sight on 5 nanometer. …
Gelsinger Leads Emboldened Intel With Ice Lake Launch was written by Jeffrey Burt at The Next Platform.
What Cloud Maturity Means in 2021
In 2021, the pace of cloud adoption and the pace of the cloud maturity model (CMM) journey have accelerated drastically.How Calico Cloud’s runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554
Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable.
Despite this, there is currently no patch for the issue. While Kubernetes did suggest a fix, it only applies to external IPs using an admission webhook controller or an OPA gatekeeper integration, leaving the door open for attackers to exploit other attack vectors (e.g. internet, same VPC cluster, within the cluster). We previously outlined these in this post.
Suggested fixes currently on the market
Looking at the Kubernetes security market, there are currently a few security solutions that attempt to address CVE-2020-8554. Most of these solutions fall into one or two of three categories:
- Detection (using Kubernetes audit logs)
- Prevention (using admission webhook controller)
- Runtime defense (inline defense)
A few of the solutions rely on preventing vulnerable deployments using an OPA gatekeeper integration; these solutions alert users when externalIP (possibly loadBalancerIP) is deployed in their cluster configurations. Most solutions, however, present a dual strategy with a focus on prevention and detection. They use an admission controller for Continue reading
History of Internet 2: Dale Finkelsen
The Internet was originally designed as a research network, but eventually morphed into a primarily commercial system. While “Internet 2” sounds like it might be a replacement for the Internet, it was really started as a way to interconnect high speed computing systems for researchers—a goal the Internet doesn’t really provide any longer. Dale Finkelsen joins Donald Sharp and Russ White for this episode of the History of Networking to discuss the origins of Internet 2.
Intel Fields A 10 Nanometer Server Chip That Competes
At long last, Intel is finally shipping a Xeon SP processor that is based on a 10 nanometer chip manufacturing process and it is finally able to do a better job competing on the technical and economic merits of its Xeon SP processors as architected rather than playing the total system card or the risk card or the discount card to keep its core datacenter compute engine business humming along. …
Intel Fields A 10 Nanometer Server Chip That Competes was written by Timothy Prickett Morgan at The Next Platform.
Vast Data Sheds Hardware Business to Tackle Largest Users
For storage startups focused on the highest end of infrastructure, removing the costs associated with a hardware business might be the only way to reach potential.
Vast Data Sheds Hardware Business to Tackle Largest Users was written by Nicole Hemsoth at The Next Platform.
Nokia Lab | LAB 2 OSPF |
Introduction
Hello everyone!
It's my second Nokia lab. I've tried to cover the main scope of OSPF questions. Lets lab!
Please check my first lab for input information.
Topology example
Lab tasks and questions:
- Basic OSPF (Backbone area)
- configure OSPF area 0 (R1 and R2, use P2P interface type, add “system” interface to OSPF)
- configure BFD and authentication on interfaces
- examine BFD session
- examine the connection between OSPF adjacency and BFD session
- How can you break adjacency? Try it. What factors can influence adjacency?
- What LSA types do you see?
- examine every LSA in detail
- What is the default preference of OSPF routes?
- Multi-area OSPF(Area 0, Area 1 TNSSA, Area 2 Normal, Area 3 Totally Stub)
- configure area 1 as a Totally NSSA area
- run debug OSPF hello packets between R1 and R3
- examine hello packets
- Does it contain special bits?
- export it to OSPF by policy
- What router type is R3?
- examine LSDB on R3 - especially check NSSA external LSA
- Does it contain special bits? Describe purpose of them
Getting Started With BGP Global Resource Modules
With the increasing size and complexity of modern enterprise networks, the demand on simplifying the networks management becomes more intense. The introduction of resources modules with Ansible Engine 2.9 provide a path to users to ease the network management, especially across multiple different product vendors.
In the past, we’ve already covered resource modules for OSPF management and for ACLs. However, simplifying network management is not limited to rather local network setups or intra domain routing only. “Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the internet. The protocol is often classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol.” It is used in larger network setups, as the NetworkWorld so aptly observes:
BGP has been called the glue of the Internet and the postal service of the internet. One comparison likens BGP to GPS applications on mobile phones.
Managing BGP manually for a network device can be a very difficult and tedious task, and more often this needs to be performed carefully, as the manual process is more prone to human error.
This blog post goes Continue reading
Tier 1 Carriers Performance Report: March, 2021
The post Tier 1 Carriers Performance Report: March, 2021 appeared first on Noction.
Free Exercise: Build Network Automation Lab
A while ago, someone made a remark on my suggestions that networking engineers should focus on getting fluent with cloud networking and automation:
The running thing is, we can all learn this stuff, but not without having an opportunity.
I tend to forcefully disagree with that assertion. What opportunity do you need to test open-source tools or create a free cloud account? My response was thus correspondingly gruff:
Free Exercise: Build Network Automation Lab
A while ago, someone made a remark on my suggestions that networking engineers should focus on getting fluent with cloud networking and automation:
The running thing is, we can all learn this stuff, but not without having an opportunity.
I tend to forcefully disagree with that assertion. What opportunity do you need to test open-source tools or create a free cloud account? My response was thus correspondingly gruff: