Broadcom Mirror on Drop (MoD)

Broadcom BroadView+ Root Cause Analysis with Mirror-on-Drop (MOD) and Inband Flow Analyzer (IFA) from Gestalt IT on Vimeo.

Networking Field Day 23 included a presentation by Bhaskar Chinni describing Broadcom's Mirror-on-Drop (MOD) capability. MOD capable hardware can generate a notification whenever a packet is dropped by the ASIC, reporting the packet header and the reason that the packet was dropped. MOD is supported by Trident 3, Tomahawk 3, and Jericho 2 or later ASICs that are included in popular data center switches and widely deployed in data centers.

The recently published sFlow Dropped Packet Notification Structures specification adds drop notifications to industry standard sFlow telemetry export, complementing the existing push based counter and packet sampling measurements. The inclusion of drop monitoring in sFlow will allow the benefits of MOD to be fully realized, ensuring consistent end-to-end visibility into dropped packets across multiple vendors and network operating systems.

Using Advanced Telemetry to Correlate GPU and Network Performance Issues demonstrates how packet drop notifications from NVIDA Mellanox switches forms part of an integrated sFlow telemetry stream that provides the system wide observability needed to drive automation.

MOD instrumentation on Broadcom based switches provides the foundation needed for network vendors to integrate the Continue reading

Using Advanced Telemetry to Correlate GPU and Network Performance Issues

The image above was captured from the recent talk Using Advanced Telemetry to Correlate GPU and Network Performance Issues [A21870] presented at the NVIDIA GTC conference. The talk includes a demonstration of monitoring a high performance GPU compute cluster in real-time. The real-time dashboard provides an up to the second view of key performance metrics for the cluster.

This diagram shows the elements of the GPU compute cluster that was demonstrated. Cumulus Linux running on the switches reduces operational complexity by allowing you to run the same Linux operating system on the network devices as is run on the compute servers. sFlow telemetry is generated by the open source Host sFlow agent that runs on the servers and the switches, using standard Linux APIs to enable instrumentation and gather measurements. On switches, the measurements are offloaded to the ASIC to provide line rate monitoring.

Telemetry from all the switches and servers in the cluster is streamed to an sFlow-RT analyzer, which builds a real-time view of performance that can be used to drive operational dashboards and automation.

The Real-time GPU and network telemetry dashboard combines measurements from all the devices to provide view of cluster performance. Each of the three Continue reading

One On One With Jensen Huang: Nvidia, The Platform Company

While a lot of ideas are ancient, some are relatively new and can come from only a modern context. …

One On One With Jensen Huang: Nvidia, The Platform Company was written by Timothy Prickett Morgan at The Next Platform.

AnsibleFest 2020 Live Q&A

We are less than a week away from AnsibleFest 2020! We can’t wait to connect with you and help you connect with other automation lovers. We have some great content lined up for this year’s virtual experience and that includes some amazing Live Q&A Sessions. This year, you will be able to get your questions answered from Ansible experts, Red Hatters and Ansible customers. Let’s dive into what you can expect.

Tuesday, October 13

11am

Live Q&A: Get all your network automation questions answered with Brad Thornton, Iftikhar Khan and Sean Cavanaugh

In this session, a panel of experts discuss a wide range of use cases around network automation. They will talk about the Red Hat Ansible Automation Platform and the product direction including Ansible Network Collections, resource modules and managing network devices in a GitOps model. Bring your questions for the architects and learn more about how Red Hat is helping organizations operationalize automation in their network while bridging gaps between different IT infrastructure teams.

Live Q&A: Bridging traditional, container, and edge platforms through automation with Joe Fitzgerald, Ashesh Badani, and Stefanie Chiras

Join this panel discussion, moderated by Kelly Fitzpatrick (Redmonk), to hear from Continue reading

Day Two Cloud 069: The Life Of A Site Reliability Engineer (SRE)

On today's Day Two Cloud podcast we talk with a real-live SRE, or Site Reliability Engineer, who works in an IT group that delivers applications using DevOps principles as part of their day-to-day work. Our guest is James Quigley, SRE at Bloomberg. He and his team builds infrastructure and tooling for application and infrastructure teams to develop for the public cloud.

Day Two Cloud 069: The Life Of A Site Reliability Engineer (SRE)

The post Day Two Cloud 069: The Life Of A Site Reliability Engineer (SRE) appeared first on Packet Pushers.

The Hedge Podcast #55: Nick Carter and Flock Networks

Nick Carter joins Tom and I to discuss Flock Networks. What is Flock Networks?

The Flock Networks IP routing suite is designed for unparalleled performance and massive scale. It has been implemented from scratch so it can excel on modern hardware. Each component of the IP routing suite is able to run in parallel, without being slowed down or interrupted by any other component.

download

New Collab, Support and Vulnerability Scanning Enhance Docker Pro and Team Subscriptions

Last March, we laid out our commitment to focus on developer experiences to help build, share, and run applications with confidence and efficiency. In the past few months we have delivered new features for the entire Docker platform that have built on the tooling and collaboration experiences to improve the development and app delivery process.

During this time, we have also learned a lot from our users about ways Docker can help improve developer confidence in delivering apps for more complicated use cases and how we can help larger teams improve their ability to deliver apps in a secure and repeatable manner. Over the next few weeks, you will see a number of new features delivered to Docker subscribers at the free, Pro and Team level that deliver on that vision for our customers.

Today, I’m excited to announce the first set of features: vulnerability scanning in Docker Hub for Pro and Team subscribers. This new release enables individual and team users to automatically monitor, identify and ultimately resolve security issues in their applications. We will also preview Desktop features that will rollout over the next several months.

We’ve heard in numerous interviews with team managers that Continue reading

The Internet of Food

This abridged article by Francisca Hector was originally published in Tasty Bytes.

Arguably food is the most important item on the planet. The current food system; however, has many inefficiencies and food security continues to be a global challenge.

In addition to this, conscious consumption has reached new heights as consumers demand that their food is not only safe, nutritious, and affordable, but they also want to ensure that their food is ethically sourced and the harvesting and production processes reduce waste.

For many, there is the belief that the food system needs to be fundamentally disrupted. While there have been some attempts to use technology to make better decisions around food, these technologies are not widely available. Without widespread availability and adoption, the impact of any technology is hard to ascertain.

This and other concerns are what spurred the creation of The Internet Society Special Interest Group for the Internet of Food (SIG-IOF), which is a discussion room for next-gen Internet backbone standards for digital aspects of food. In short, that means that when food goes data, this group would like to facilitate the Internet standards for how that data is handled.

With 110 chapters located all over Continue reading

Juniper upgrades security software with threat intelligence, VPN package

Juniper Networks has added new components to its security portfolio to help customers get a better handle on potential threats as well as improve risk detection and response.The new products are aimed at figuring out who and what devices are on the network and then offering the security intelligence to help them address threats at every point on the network, said Samantha Madrid vice president of product management in the Security Business & Strategy business at Juniper Networks.Security is always a challenge but even more so now when customers have mass-scale remote workforces, Madrid said. [Get regularly scheduled insights by signing up for Network World newsletters.] Madrid cited a recent Juniper-sponsored IT survey by Vanson Bourne that found 97% of respondents said their companies faced challenges securing their organizations’ network effectively.To read this article in full, please click here

Juniper upgrades security software with threat intelligence, VPN package

Thousand-node Fabrics: Scaling and Extending the Adaptive Cloud Fabric with Controllerless SDN and EVPN

New levels of scalability for hybrid clouds and edge computing

Public/private key SSH access to Fortigate

To save having to enter usernames and passwords for your devices, it is a lot more convenient to use public/private key authentication. When SSHing to the device, you simply specify the username and authentication using the keys is automatic.

Windows users can use puttygen to make key pairs, and PuTTY as an SSH client to connect to devices. This process is quite well described here: https://www.ssh.com/ssh/putty/windows/puttygen

By default, keys (on a Linux or Macos host) are in your home directory, under the ~.ssh/ directory. A keypair is generated using ssh-keygen like so:

andrew@host % ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/Users/andrew/.ssh/id_rsa): andrew_test Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in andrew_test. Your public key has been saved in andrew_test.pub. The key fingerprint is: SHA256:nx4REDACTEDGN69tY andrew@host The key's randomart image is: +---[RSA 3072]----+ | 1. o+| | o o& o| | * o..- =.| | .. | | S. =B xx . | | .+. | | . +.=. o. +E| | o o+* .| +----[SHA256]-----+ andrew@host %

In the example above, I created it as ‘andrew_test’ – this will Continue reading

Fixing Firewall Ruleset Problem For Good

Before we start: if you’re new to my blog (or stumbled upon this blog post by incident) you might want to read the Considerations for Host-Based Firewalls for a brief overview of the challenge, and my explanation why flow-tracking tools cannot be used to auto-generate firewall policies.

As expected, the “you cannot do it” post on LinkedIn generated numerous comments, ranging from good ideas to borderline ridiculous attempts to fix a problem that has been proven to be unfixable (see also: perpetual motion).

Fixing Firewall Ruleset Problem For Good

What is a network switch, and how does it work?

Networks today are essential for supporting businesses, providing communication, delivering entertainment—the list goes on and on. A fundamental element networks have in common is the network switch, which helps connect devices for the purpose of sharing resources.What is a network switch? A network switch is a device that operates at the Data Link layer of the OSI model—Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends them out again, but only through the ports that lead to the devices the packets are intended to reach.To read this article in full, please click here

Porting to AMD GPUs in the Corona Age

“Times were simpler not so long ago” is an understatement these days, but when it comes to supercomputing, this has yet another meaning. …

Porting to AMD GPUs in the Corona Age was written by Nicole Hemsoth at The Next Platform.

Ultra-Wideband Tech Powers COVID-19 Contact Tracing Tools for Enterprises

Technology is allowing IT managers to address safety concerns with sensors now; smartphone chips on the way.

Cisco slapped with $1.9 billion judgement in security patent lawsuit

Cisco this week lost a patent infringement case brought by security vendor Centripetal Networks and was hit with a $1.9 billion judgement.A non-jury judgement from U.S. District Judge Henry Morgan determined Cisco infringed on four security patents related to encrypted traffic and packet filtering technology belonging to plaintiff Centripetal Networks. The award directs $755.8 million in actual damages, multiplied by 2.5 to reflect "willful and egregious" conduct from Cisco, the judge found. The award also includes past damages and a running royalty of 10% on the apportioned sales of the patented products for a period of three years, followed by a second three-year term with a running royalty of 5% on such sales, which could take damages from the case north of $3 billion, according to a Centripetal statement about the case.To read this article in full, please click here

Cisco slapped with $1.9 billion judgement in security patent lawsuit

« Previous 1 … 869 870 871 872 873 … 3,834 Next »