Building your own SD-WAN with Envoy and Wireguard

When using a personal VPN at home, one of the biggest problems I’ve faced was the inability to access public streaming services. I don’t care about watching Netflix from another country, I just want to be able to use my local internet connection for this kind of traffic while still encrypting everything else. This problem is commonly known in network engineering as “local internet breakout” and is often implemented at remote branch/edge sites to save costs of transporting SaaS traffic (e.g. Office365) over the VPN infrastructure. These “local breakout” solutions often rely on explicit enumeration of all public IP subnets, which is a bit cumbersome, or require “intelligent” (i.e. expensive) DPI functionality. However, it is absolutely possible to build something like this for personal use and this post will demonstrate how to do that.

Solution Overview

The problem scope consists of two relatively independent areas:

  • Traffic routing - how to forward traffic to different outgoing interfaces based on the target domain.

  • VPN management - how to connect to the best VPN gateway and make sure that connection stays healthy.

Each of one these problem areas is addressed by a separate set of components.

VPN management is solved Continue reading

Czech Republic Sticks With NEC Vector Engines For Weather Modeling

There are two different Auroras right now in supercomputing. There is the shape-shifting, legendary, and maybe even mythical “Aurora” and now “Aurora A21” exascale supercomputer that was being built by Intel with “Knights” many core processors and now, if Intel can get them out the door, with a combination of “Sapphire Rapids” Xeon SP processors and “Ponte Vecchio” Xe GPU accelerators, for Argonne National Laboratory.

Czech Republic Sticks With NEC Vector Engines For Weather Modeling was written by Timothy Prickett Morgan at The Next Platform.

Announcing the Candidate Slates for the 2021 Board of Trustees Elections

As Chair of the Internet Society Nominations Committee, I am pleased to announce the slates of candidates for the 2021 Board of Trustees elections. The candidates for each slate are listed below in alphabetical order by last name.

Chapters Election (one seat available)

  • Leiska Evanson
  • Luis Martinez
  • Rao Naveed Bin Rais
  • Muhammad Shabbir
  • Niels ten Oever

Organization Members Election (two seats available)

  • Paul Ebersman
  • Robert Pepper
  • Wei Wang
  • Heather West

Additional nominations for election to the Board of Trustees may be made by petition by the nominee, and filed with the Chair of the Nominations Committee using the online form available at the Petitions page: https://www.internetsociety.org/board-of-trustees/elections/2021/petitions/

The deadline for receipt of petition requests is 15:00 UTC on Friday, 26 February 2021. The deadline for petition signatures is Friday, 5 March 2021 at 15:00 UTC. The names of any successful petitioners will be placed on the ballot.

The final candidate slate will be announced on Monday, 8 March, and voting will open on Friday, 9 April.

Learn more about the candidates and the elections, including the petition process at: https://www.internetsociety.org/board-of-trustees/elections/

The Committee thanks all of the nominees who expressed interest and willingness to serve on the Internet Continue reading

Heavy Networking 561: Modeling Your Network For Intent-Based Assurance With IP Fabric (Sponsored)

In today's podcast, sponsored by IP Fabric, we dive into the IP Fabric Network Assurance platform. This platform gathers network configuration and state, and then builds a network model using a graph database. The result is a "digital twin" of the network that engineers and security teams can use for troubleshooting, to plan and verify changes, for network and security analysis, and to enable closed-loop automation. Our guests from IP Fabric are Pavel Bykov, CEO; and Daren Fulwell, Network Automation Evangelist.

Heavy Networking 561: Modeling Your Network For Intent-Based Assurance With IP Fabric (Sponsored)

In today's podcast, sponsored by IP Fabric, we dive into the IP Fabric Network Assurance platform. This platform gathers network configuration and state, and then builds a network model using a graph database. The result is a "digital twin" of the network that engineers and security teams can use for troubleshooting, to plan and verify changes, for network and security analysis, and to enable closed-loop automation. Our guests from IP Fabric are Pavel Bykov, CEO; and Daren Fulwell, Network Automation Evangelist.

The post Heavy Networking 561: Modeling Your Network For Intent-Based Assurance With IP Fabric (Sponsored) appeared first on Packet Pushers.

Solutions In Search of a Problem

During a few recent chats with my friends in the industry, I’ve heard a common refrain coming up about technologies or products being offered for sale. Typically these are advanced ideas given form that are then positioned as products for sale in the market. Overwhelmingly the feedback comes down to one phrase:

This is a solution in search of a problem.

We’ve probably said this a number of times about a protocol or a piece of hardware. Something that seems to be built to solve a problem we don’t have and couldn’t conceive of. But why does this seem to happen? And what can we do to fix this kind of mentality?

Forward Looking Failures

If I told you today that I was creating software that would revolutionize the way your autonomous car delivers music to the occupants on their VR headsets you’d probably think I was crazy, right? Every one of the technologies I mentioned in the statement is a future thing that we expect may be big down the road. We love the idea of autonomous vehicles and VR headsets and such.

Now, let’s change the statement. I’m working on a new algorithm for HD-DVD players to produce Continue reading

How Developers Can Get Started with Python and Docker


Python started in 1991 with humble beginnings focusing on helping “automate the boring stuff.” But over the past few years, we’ve seen Python grow in popularity and become extremely useful not only for scripting but for building modern web applications, machine learning and data science. 

The TIOBE Index for February has Python ranked at number 3 on the list. Python has also been in the top 8 rank programming languages for the past 7 years. With such a popular and powerful programming language comes a vibrate and large community.

To that end, we are excited to announce that we are releasing a series of programming language-specific guides to help developers go from discovering the basics of Docker to delivering your images into a production environment and more.

The first in our series is a focus on the Python development ecosystem. We have created a series of tutorials, how-tos, and guides focused on the Python community with much more coming in the future. 

We are extremely excited to help Python developers become experts at developing and delivering the next generation of applications using the Docker platform. Below you will find a list of resources and our Python language-specific Continue reading

Weekend Reads 021221

Security experts have learned many lessons from 2016 about how cyber warfare not only impacts elections but also has the potential to disrupt everything from energy and education to government services and military operations


For a long time, the ifconfig command was the default method for configuring a network interface. It served Linux users well, but networking is complex, and the commands to configure it must be robust.


SMTP TLS Reporting (TLS-RPT) is a standard that enables reporting issues in TLS connectivity experienced by applications that send emails and detect misconfigurations. It enables the reporting of email delivery issues that take place when an email isn’t encrypted with TLS.


The security of critical infrastructure components requires the governance and support of private sector organizations across various infrastructure sectors. Adopting, implementing, and integrating security practices across federal and private entities is necessary to achieve critical infrastructure cyber resiliency.


Is your system 100% ready to face the severest cyber-attack and mitigate the risk of a possible data breach? If you are unsure about your cyber-safety structure, then it’s time to upgrade it.


Network security firm SonicWall is investigating a coordinated attack in which attackers allegedly exploited vulnerabilities in the company’s products to Continue reading

Keeping Pakistan’s Internet Exchange Points Running

Internet Exchange Points (IXPs) are a vital element of Internet infrastructure. They can be found at physical and neutral locations where different IP networks meet to exchange local traffic via a switch. Implementing an IXP within a country helps bring faster, more affordable, and better performing Internet to people.

Frustrated by poor quality of service and high-cost connectivity, local Internet stakeholders started off the process of setting up an IXP in Pakistan. With the adoption of the 2015 telecoms policy, there was a new drive to foster interconnection and keep local traffic within the country.

Led by the Pakistan Telecom Authority (PTA), the telecom regulator, the government-initiated consultations on how to set up an IXP.  To develop an informed opinion about IXPs, PTA reached out to the Internet Society, the Asia Pacific Network Information Center (APNIC), the local Internet community, and civil society.

The consultations led to the formation of an IXP board; comprised of all stakeholders. The new board decided to establish IXPs at Islamabad, Karachi, and Lahore. The IXP board first set up an IXP in Pakistan at a neutral venue, the Higher Education Commission of Pakistan (HEC), Islamabad in 2016. HEC was ideal because it provided a Continue reading

Juniper targets WAN automation with new software suite

Juniper has unwrapped a suite of automation software it says will help users ensure their wide area network and cloud-connected services are running properly and cost-effectively.The company’s Paragon Automation suite promises to help eliminate manual tasks and workflow processes to make sure WAN operations are working as expected and, if not, quickly fix problems.Top metrics for multicloud management The suite, which is aimed at large enterprises and service operators, includes an amalgamation of technology from Juniper’s existing NorthStar controller and Healthbot network-diagnostics packages combined with other organically developed features in combination with software it got with its recent Netrounds acquisition.To read this article in full, please click here

AMD builds momentum in server market

The server market is fairly slow to change in all things, and that includes its processor platforms. But lately it's clear AMD's comeback is getting very real.Left for dead four years ago, AMD already has won over the gamers. Its Ryzen series of processors are the go-to choice for system builders on YouTube, whose specialty is building a high-end gaming rig in 15 minutes. But the server market is also taking note.The latest sign came from Mercury Research, which follows the semiconductor market, in particular CPU sales. For the fourth quarter of 2020, Intel held 92.9% market share to AMD's 7.1%, but Intel was down from 95.5% one year earlier in Q4 2019 and AMD was way up from 4.5%. For the server market, that's some rapid growth.To read this article in full, please click here

AMD builds momentum in server market

The server market is fairly slow to change in all things, and that includes its processor platforms. But lately it's clear AMD's comeback is getting very real.Left for dead four years ago, AMD already has won over the gamers. Its Ryzen series of processors are the go-to choice for system builders on YouTube, whose specialty is building a high-end gaming rig in 15 minutes. But the server market is also taking note.The latest sign came from Mercury Research, which follows the semiconductor market, in particular CPU sales. For the fourth quarter of 2020, Intel held 92.9% market share to AMD's 7.1%, but Intel was down from 95.5% one year earlier in Q4 2019 and AMD was way up from 4.5%. For the server market, that's some rapid growth.To read this article in full, please click here

Technology Short Take 137

Welcome to Technology Short Take #137! I’ve got a wide range of topics for you this time around—eBPF, Falco, Snort, Kyverno, etcd, VMware Code Stream, and more. Hopefully one of these links will prove useful to you. Enjoy!

Networking

Servers/Hardware

  • I recently mentioned on Twitter that I was considering building out a new Linux PC to replace my aging Mac Pro (it’s a 2012 model, so going on 9 years old). Joe Utter shared with me his new lab build information, and now I’m sharing it with all of you. Sharing is caring, you know.

Security

Cloud Computing/Cloud Management

What Should A Consultant Charge Clients? – Video

In this Day Two Cloud podcast clip, we discuss consulting and MONEY. To hear the entire episode, go here. Hosts Ned Bellavance and Ethan Banks are joined by Michael Jenkins, Sr. Systems Reliability Engineer at Managed Kaos; and Anthony Nocentino, Enterprise Architect at Centino Systems and Pluralsight author. If you like engineering discussions like this, […]

The post What Should A Consultant Charge Clients? – Video appeared first on Packet Pushers.

1 799 800 801 802 803 3,849