Did you ever experience an out-of-the-blue BGP session flap after you were running that peering for months? As Dmytro Shypovalov explains in his latest blog post, it’s always MTU (just kidding, of course it’s always DNS, but MTU blackholes nonetheless result in some crazy behavior).
Docker remains committed to providing a platform where the non-commercial open source developers can continue collaborating, innovating and pushing this industry into new directions.
In August, we announced to our dedicated community and ecosystem that we are creating new policies for image retention and data pull rates. We made these changes to make Docker a sustainable business for the long term, so that we can continue supporting the developer community and ecosystem that depends on the Docker platform. We got great feedback from our extensive user base, and adjusted our policies to delay the policies on image retention until mid-2021. The plan for data pull rates is moving forward, and starting today limits will be gradually enforced, with the plan to be fully applied in the coming weeks. The final limits will be:
To support the open source community, Docker has created a special program for Open Source projects to get continued free access and freedom from restrictions for their communities and their users. For the approved, non-commercial, open source projects, we are thrilled to announce Continue reading
Recently, I have been gathering some old hardware at my parents’ house, notably PC extension cards, as they don’t take much room and can be converted to a nice display item. Unfortunately, I was not very concerned about keeping stuff around. Compared to all the hardware I have acquired over the years, only a few pieces remain.
This SVGA graphics card was installed into a PC powered by a 386SX CPU running at 16 MHz. This was a good card at the time as it was pretty fast. It didn’t feature 2D acceleration, unlike the later ET4000/W32. This version only features 512 KB of RAM. It can display 1024×768 images with 16 colors or 800×600 with 256 colors. It was also compatible with CGA, EGA, VGA, MDA, and Hercules modes. No contemporary games were using the SVGA modes but the higher resolutions were useful with Windows 3.
This card was manufactured directly by Tseng Labs.
My first sound card was an AdLib. My parents bought it in Canada during the summer holidays in 1992. It uses a Yamaha OPL2 chip to produce sound via FM synthesis. Continue reading
This week Network Break is about silicon companies Marvel and AMD bulking up to fight competition. Cisco ships a SmartNIC, Catchpoint releases new features and Space Networking.
The post Network Break 308: AMD Gobbles Xilinx, Marvell Chops Inphi. Its SmartNIC DPU Week appeared first on Packet Pushers.
In the realm of network design—especially in the realm of security—we often react so strongly against a perceived threat, or so quickly to solve a perceived problem, that we fail to look for the tradeoffs. If you haven’t found the tradeoffs, you haven’t looked hard enough—or, as Dr. Little says, you have to ask what is gained and what is lost, rather than just what is gained. This failure to look at both sides often results in untold amounts of technical debt and complexity being dumped into network designs (and application implementations), causing outages and failures long after these decisions are made.
A 2018 paper on DDoS attacks, A First Joint Look at DoS Attacks and BGP Blackholing in the Wild provides a good example of causing more damage to an attack than the attack itself. Most networks are configured to allow the operator to quickly configure a remote triggered black hole (RTBH) using BGP. Most often, a community is attached to a BGP route that points the next-hop to a local discard route on each eBGP speaker. If used on the route advertising the destination of the attack—the service under attack—the result is the DDoS attack traffic no longer Continue reading
The Internet Society Nominations Committee is now inviting nominations for candidates to serve on the Board of Trustees, effective at the start of the Annual General Meeting which is currently scheduled to be held 31 July-1 August 2021.
In 2020-2021, Organization Members and the IETF will each select two Trustees, and Chapters will select one Trustee. Following an orientation program, all new Trustees chosen by the IETF and Chapters will begin three-year terms commencing with the board’s Annual General Meeting. With respect to the two Organizational Members to be chosen, the candidate with the highest weighted vote count will be seated for a three-year term, while the candidate with the second highest weighted vote count will serve the final year of a three-year term initially served by a Trustee who resigned from the board in mid-term.
The Board of Trustees provides strategic direction, inspiration, and oversight to advance the Internet Society’s mission of preserving the open, globally-connected, trustworthy and secure Internet for everyone. Trustees also currently serve as members of the Internet Society Foundation’s board.
I encourage you and all of your community members to identify appropriate candidates for these positions. Further information regarding the positions, as Continue reading
When restructuring our online courses we decided to make the video content that was previously part of Ansible online course available with Standard ipSpace.net Subscription.
If you haven’t enrolled into our automation online course (which always included the extra bits) you’ll find the following additional content in our Ansible for Networking Engineers webinar:
When restructuring our online courses we decided to make the video content that was previously part of Ansible online course available with Standard ipSpace.net Subscription.
If you haven’t enrolled into our automation online course (which always included the extra bits) you’ll find the following additional content in our Ansible for Networking Engineers webinar:
Is the inclusion of specialized matrix engines in general-purpose processors truly motivated and merited, or is the silicon better invested in other parts?
What’s Really Motivating the Matrix Engine Movement in HPC? was written by Nicole Hemsoth at The Next Platform.
This is guest a post by Preetam Jinka, Senior Infrastructure Engineer at ShiftLeft. Originally published here.
ShiftLeft NextGen Static Analysis (NG SAST) is a software-as-a-service static analysis solution that allows developers to scan every pull request for security issues. Earlier this year we released Secrets, Security Insights, and a v4 API. Secrets and Security Insights are two new types of results we extract from code analysis, and the V4 API is a brand new RESTful JSON API with an OpenAPI/Swagger specification that you can use to access all of your results. Read more about these features in our announcement post.
NG SAST was initially designed only for vulnerabilities. In order to implement Secrets and Security Insights, we either had to retrofit these new result types into our existing implementation or significantly refactor our back-end to support their unique characteristics. Even though it would take longer and be more difficult to implement, we decided to do the latter. We rewrote almost all of the storage used for storing code analysis results while maintaining backwards compatibility and without any outages. The analogy is that it’s like changing the engine on an airplane in flight without the passengers noticing.
We could’ve saved Continue reading
About a month ago we talked about how we planned to make Docker Desktop more first class as part of our Pro and Team subscriptions. Today we are pleased to announce that with the latest release of Docker Desktop we are launching support for Docker Desktop for Pro and Team users. This means that customers on Pro plans or team members on Team plans will be able to get support outside of the community support in our Github repository, this will include installation support, issues in running Desktop and of course the existing support for Docker Hub.
Along with this, we have our first Pro feature available in Docker Desktop! For Pro and Team users who have scanning enabled in Docker Hub, you will be able to see your scan results directly in the Docker Dashboard.
This is the first step in releasing unique features for Pro and Team users on Docker Desktop.
Along with this we are pleased to announce that in Docker Desktop 2.5 we have the GA release of the docker scan CLI powered by Snyk! To find out more about scanning images locally have a read of Marina’s blog post.
For customers Continue reading
Today we are introducing the Arista 750 Series Modular Campus switch, a next generation modular platform based on merchant silicon that delivers more performance, more security, more visibility and more power capabilities than any other product in its class.
Today we are introducing the Arista 750 Series Modular Campus switch, a next generation modular platform based on merchant silicon that delivers more performance, more security, more visibility and more power capabilities than any other product in its class.
Getting hit from both sides: Executives from Google, Twitter, and Facebook faced criticism from all sides when testifying in the U.S. Senate recently, the Washington Post reports. Democratic senators told the companies they should do a better job with moderating their sites for fake news and conspiracy theories, while Republicans called on the companies to take a more hands-off role with political speech.
Your money, or else: A wave of ransomware attacks have hit nearly two dozen hospitals and healthcare organizations in recent weeks, Wired.com reports. Even after those attacks, the U.S. Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health and Human Services warned that more may be coming, with an “increased and imminent cybercrime threat” to hospitals and healthcare providers.
Safer Zooming: Videoconferencing provider Zoom has added encryption to free accounts, although the new protections come with a catch, TechCrunch says. With end-to-end encryption enabled for every user joining the call, some other features won’t be available. Users on encrypted calls won’t be able to use features like cloud recording and live transcription, and they won’t be able to chat one on one. Also, the encryption feature will only work with the Continue reading
Private Automation Hub is now available as part of Red Hat Ansible Automation Platform release 1.2, providing an easier way for our customers to manage their Ansible content. Whether they produce private content, access trusted and supported content from Red Hat or obtain content from third party or other community sources, an internally controlled capability is essential to support the continued growth of automation. As automation becomes critical to managing IT activities, so too becomes the need to have a focal point where collaboration can be encouraged, content shared and trust reinforced.
Private Automation Hub is a self-hosted Ansible content management system. Organizations can host private hubs on their own infrastructure and manage it themselves. Similar to how Red Hat Satellite enables Red Hat Enterprise Linux customers to manage operating system content, private Automation Hub enables automation teams to manage Ansible automation content. Private Automation Hub allows curation and distribution of Ansible content as close as possible to Ansible Automation Platform clusters. Private Automation Hub is included in the Red Hat Ansible Automation Platform subscription.
Ansible content can be broken up into three main categories: