Thoughts From Networking Field Day 23

I know I’m a little late getting this post out but Networking Field Day 23 was a jam-packed event with lots of things to digest. I wanted to share some quick thoughts about it here that should create some discussion amongst the community, hopefully.

  • If you don’t believe that wireless is the new access edge, go look at Juniper. Their campus networking division is basically EX switching and Mist. That’s it. Remember how HPE called Aruba a “reverse acquisition” years ago? And how Aruba essentially took over the networking portion of HPE? Don’t be surprised to see Juniper getting more misty sooner rather than later. And that’s a good thing for everything that isn’t a carrier or service provider router.
  • Network monitoring became telemetry and is now transforming into digital experience. What is the difference to me? Monitoring devices tells you point-in-time information. Telemetry gives you the story of those point-in-time measurements over the course of days or weeks and can help you find issues. Experience is all about how that looks to your users. Problems don’t always affect them the same way it might appear on a dashboard. Likewise, things you don’t always see in your alerts can affect Continue reading

Why The DPU Is More Important Than The CPU For Nvidia

If you are fairly new to the IT racket, you might be under the impression that the waves of integration and disaggregation in compute, networking, and storage that swept over the datacenter in recent decades were all new, that somehow the issues of complexity and cost did not plague systems of the past.

Why The DPU Is More Important Than The CPU For Nvidia was written by Timothy Prickett Morgan at The Next Platform.

Tech Bytes: NetMotion Integrates VPNs With The Software Defined Perimeter

Today's Tech Bytes, sponsored by NetMotion Software, explores how NetMotion integrates client VPNs with more modern approaches, including Zero Trust Network Access (ZTNA) and the Software Defined Perimeter. Our guest is Mike Spence, Systems Engineer at NetMotion.

The post Tech Bytes: NetMotion Integrates VPNs With The Software Defined Perimeter appeared first on Packet Pushers.

Jinja2 Tutorial – Part 5 – Macros

Welcome to the part 5 of Jinja2 Tutorial where we learn all about macros. We'll talk about what macros are, why we would use them and we'll see some examples to help us appreciate this feature better.

Jinja2 Tutorial series

Contents

What are macros?

Macros are similar to functions in many programming languages. We use them to encapsulate logic used to perform repeatable actions. Macros can take arguments or be used without them.

Inside of macros we can use any of the Jinja features and constructs. Result of running macro is some text. You can essentially treat macro as Continue reading

Reducing Complexity through Interaction Surfaces

A recent paper on network control and management (which includes Jennifer Rexford on the author list—anything with Jennifer on the author list is worth reading) proposes a clean slate 4d approach to solving much of the complexity we encounter in modern networks. While the paper is interesting, it’s very unlikely we will ever see a clean slate design like the one described, not least because there will always be differences between what the proper splits are—what should go where.

There is one section of the paper that eloquently speaks to current architecture, however. The authors describe a situation where routing and packet filters are used together to prevent one set of hosts from reaching another set of hosts. Changes in the network, however, cause the packet filters to be bypassed, opening up communications between these two sets of hosts.

This is exactly the problem we so often face in network engineering today—overlapping systems used to solve a single problem do not pay attention to the same signals or information to do their jobs. So here’s a thought about an obvious way to reduce the complexity of your network—try to use one tool to do one job. Before the days of automation, this was much harder to do. There was no way to distribute QoS configurations, for instance, or access lists, much less what might be considered an “easy way.” Because of this, it made some kind of sense to use routing protocols as a sort of distributed database and policy engine to move filters and the like around.

Today, however, we have automation. Because of this, it makes more sense to use automation to manage as much data plane policy as you can, leaving the routing protocol to do its job—provide reachability across an ever-changing network. There are still things, like traffic steering and prefix distribution rules, which should stay inside routing. But when you put routing filters in place to solve a data plane problem, it might be worth thinking about whether that is the right thing to do any longer.

Automation, in this case, can change everything.

On the Fringes of Useful Neuromorphic Scalability

When it comes to novel computing architectures, whether in quantum, deep learning, or neuromorphic, it can be tricky to get a handle on how incremental improvements in processor counts translate to real world improvements since these bumps in element counts often don’t have perfect parallels to CPUs or even GPUs.

On the Fringes of Useful Neuromorphic Scalability was written by Nicole Hemsoth at The Next Platform.

Network Break 304: The VMworld 2020 Roundup; Arista Acquires Awake Security

Keith Townsend stops by Network Break to lend analysis and commentary on our review of the biggest announcements to come out of VMworld, including Project Monterey and the SaltStack acquisition. We also discuss new products from Arista, acquisitions by Arista and Juniper, Google joining the Linux Foundation's LF Networking, and more.

The post Network Break 304: The VMworld 2020 Roundup; Arista Acquires Awake Security appeared first on Packet Pushers.

Know When You’ve Been DDoS’d

Know When You’ve Been DDoS’d
Know When You’ve Been DDoS’d

Today we’re announcing the availability of DDoS attack alerts. The alerts are available for free for all Cloudflare’s customers on paid plans.

Unmetered DDoS protection

Last week we celebrated Cloudflare’s 10th birthday in what we call Birthday Week. Every year, on each day of Birthday Week, we announce a new product with the goal of helping make the Internet a better place -- one that is safer and faster. To do that, over the years we’ve democratized many products that were previously only available to large enterprises by making them available for free (or at very low cost) to all. For example, on Cloudflare’s 7th birthday in 2017, we announced free unmetered DDoS protection as part of every Cloudflare product and every plan, including the free plan.

DDoS attacks aim to take down websites or online services and make them unavailable to the public. We wanted to make sure that every organization and every website is available and accessible, regardless if they can or can’t afford enterprise-grade DDoS protection. This has been a core part of our mission. We’ve been heavily investing in our DDoS protection capabilities over the last 10 years, and we will continue to do so in Continue reading

The Week in Internet News: Judge Blocks U.S. TikTok Ban

No deal: A U.S. judge has temporarily blocked President Donald Trump’s order to ban Chinese app TikTok from the Apple and Android app stores, CNBC reports. Trump has argued that the app is a security risk. Oracle and Walmart are in talks to buy a piece of TikTok’s U.S. operations as a way to appease Trump, though it appears that there’s disagreement with Chinese owner ByteDance over the outlines of a deal.

Breaking up is hard to do: The Hill has commentary about Trump’s attempt to ban TikTok and WeChat, another Chinese app, saying these are “only the most recent signs that the once open, global internet is slowly being replaced by 200, nationally-controlled, separate internets.” Trump’s efforts follow a long-term Chinese government drive to create a walled off Internet inside its own borders.

It’s nice to share: The European Union is preparing new regulations that would require large tech companies to share their customer data files with smaller competitors, Euronews says. An early draft of the Digital Services Act says companies like Amazon and Google “shall not use data collected on the platform … for [their] own commercial activities … unless they [make it] accessible to business users active Continue reading

Using Ansible with Arista EOS and CloudVision

In mid-September, Carl Buchmann, Fred Hsu, and Thomas Grimonet had an excellent presentation describing Arista’s Ansible roles and collections. They focused on two collections: CloudVision integration, and Arista Validated Designs. All the videos from that presentation are available with free ipSpace.net subscription.

Want to know even more about Ansible and network automation? Join our 2-day automation event featuring network automation experts from around the globe talking about their production-grade automation solutions or tools they created, and get immediate access to automation course materials and reviewed hands-on exercises.

Using Ansible with Arista EOS and CloudVision

In mid-September, Carl Buchmann, Fred Hsu, and Thomas Grimonet had an excellent presentation describing Arista’s Ansible roles and collections. They focused on two collections: CloudVision integration, and Arista Validated Designs. All the videos from that presentation are available with free ipSpace.net subscription.

Want to know even more about Ansible and network automation? Join our 2-day automation event featuring network automation experts from around the globe talking about their production-grade automation solutions or tools they created, and get immediate access to automation course materials and reviewed hands-on exercises.

Understanding operational 5G: a first measurement study on its coverage, performance and energy consumption

Understanding operational 5G: a first measurement study on its coverage, performance and energy consumption, Xu et al., SIGCOMM’20

We are standing on the eve of the 5G era… 5G, as a monumental shift in cellular communication technology, holds tremendous potential for spurring innovations across many vertical industries, with its promised multi-Gbps speed, sub-10 ms low latency, and massive connectivity.

There are high hopes for 5G, for example unlocking new applications in UHD streaming and VR, and machine-to-machine communication in IoT. The first 5G networks are now deployed and operational. In today’s paper choice, the authors investigate whether 5G as deployed in practice can live up to the hype. The short answer is no. It’s a great analysis that taught me a lot about the realities of 5G, and the challenges ahead if we are to eventually get there.

The study is based on one of the world’s first commercial 5G network deployments (launched in April 2019), a 0.5 x 0.92 km university campus. As is expected to be common during the roll-out and transition phase of 5G, this network adopts the NSA (Non-Standalone Access) deployment model whereby the 5G radio is used for the data Continue reading

Birthday week: Cloudflare turns 10

Birthday week: Cloudflare turns 10
Birthday week: Cloudflare turns 10

2020 marks a major milestone for Cloudflare: it’s our 10th birthday.

We’ve always used birthdays as an opportunity to give back to the Internet. But this year — a year in which the Internet has been so central to giving us all some degree of connectedness and normalcy — it feels like giving back to the Internet has been more important than ever.

And while we couldn’t celebrate in person, we were humbled by some of the incredible minds that joined us online to talk about how the Internet has changed over the last ten years — and what we might see over the next ten.

With that, let’s recap the key announcements from Birthday Week 2020.

Day 1, Monday: Workers

During Birthday Week in 2017, Cloudflare announced Workers — a serverless platform that represented a completely new way to build applications: by writing your code directly onto our network edge. On Monday of this year’s Birthday Week, we announced Durable Objects and Cron Triggers — both of which continue to expand the use cases that Workers can address.

Many folks associate the serverless paradigm with functions as a service — which, at its core, is stateless. Workers KV started Continue reading

Weekend Reads 100220

Equinix is not just about colocation anymore. The company is reinforcing that reality with new branding that positions Equinix as “the world’s digital infrastructure company.”

An FPGA is a chip that is programmed by a circuit. It is said to “emulate” that circuit. This emulation runs slower than the actual circuit would run if it were implemented in an ASIC—it has a slower clock frequency and uses more power, but it can be reprogrammed every few hundred milliseconds.

If I could change one thing in the minds of all programming language designers, it would be to impress upon them—forcefully—the idea that anything that is significant to the syntactic or structural meaning of a program must be easily visible to the human reader, as well as easily understood by the systems used by developers.

The same attributes that give deep learning its ability to tell images apart are helping attackers break into the cryptoprocessors built into integrated circuits that were meant improve their security. The same technology may provide the tools that will let chip designers find effective countermeasures, but it faces an uphill struggle.

If your broadband keeps going haywire, maybe someone nearby is using an ancient television set.

Continue reading

Must Watch: Fault Tolerance through Optimal Workload Placement

While I keep telling you that Google-sized solutions aren’t necessarily the best fit for your environment, some of the hyperscaler presentations contain nuggets that apply to any environment no matter how small it is.

One of those must-watch presentations is Fault Tolerance through Optimal Workload Placement together with a wonderful TL&DR summary by the one-and-only Todd Hoff of the High Scalability fame.

1 897 898 899 900 901 3,860