Now Splunk data and insights can be acted upon more quickly along with automated remediation and forensics.
https://techcrunch.com/2018/06/11/splunk-nabs-on-call-management-startup-victorops-for-120-m/
"With VictorOps, the company gets a system to alert the operations team when something from that muddle of data actually requires their attention."
https://seekingalpha.com/article/4151274-splunk-acquire-phantom-cyber-350-million
"to bolster its data integration, security analysis and automation capabilities as it continues to build out its machine learning offerings."
Thursday, June 21, 2018
The enemy of great
In the space between GOOD and PERFECT lies somewhere you occassionally want to be: GREAT. Very few things need to be perfect. For many things we settle for good, and probably should. We need a precious few to get GREAT.
No more
"Meaning: When deciding whether to commit to something, if I feel anything less than, “Wow! That would be amazing! Absolutely! Hell yeah!” - then my answer is no." - Derek Sivers
BUT MOST OF THE TIME:
"Better a diamond with a flaw than a pebble without." -Confucius via Entrepreneur
...but "Obsession with perfection can paralyze" - Psychology Today
THEREFORE:
“Don't put off until tomorrow what you can do today.” ― Benjamin Franklin
There are times when perfection is called for, of course, but allow me to suggest to you that most of the time, “good enough” will do. There’s a point where it takes more and more energy to achieve smaller and smaller gains. via LifeHack.org
No more
"Meaning: When deciding whether to commit to something, if I feel anything less than, “Wow! That would be amazing! Absolutely! Hell yeah!” - then my answer is no." - Derek Sivers
BUT MOST OF THE TIME:
"Better a diamond with a flaw than a pebble without." -Confucius via Entrepreneur
...but "Obsession with perfection can paralyze" - Psychology Today
THEREFORE:
“Don't put off until tomorrow what you can do today.” ― Benjamin Franklin
There are times when perfection is called for, of course, but allow me to suggest to you that most of the time, “good enough” will do. There’s a point where it takes more and more energy to achieve smaller and smaller gains. via LifeHack.org
Thursday, August 20, 2015
Network Device API intro "Postman"
Playing around with the basics on network device API calls again. Postman is a great tool to try things out interactively. Works great for me as a Chrome plugin.
Kudos to Matt Oswalt for a great post on Nexus 9000 NX-API
Finally, a little bit of super generic Python for getting 'show version' from a switch:
import requests
import json
url='http://YOURIP/ins'
switchuser='USERID'
switchpassword='PASSWORD'
myheaders={'content-type':'application/json-rpc'}
payload=[
{
"jsonrpc": "2.0",
"method": "cli",
"params": {
"cmd": "show version",
"version": 1
},
"id": 1
}
]
response = requests.post(url,data=json.dumps(payload), headers=myheaders,auth=(switchuser,switchpassword)).json()
Thursday, June 25, 2015
DevOps for Network Engineers
Network Engineers need to not only think about network programmability and automation. Take a higher look into reducing operations and moves/adds/changes into the smallest incremental steps first. Here are some great references to give you some thoughts on this.
What is DevOps in Simple English – Rackspace
Ivan Pepelnjak @ioshints describes how "Infrastructure as Code" makes sense
@dave_tucker gives a nice "NetOps to DevOps" plan
Bimodal IT – Lydia Leong of Gartner
BONUS: Familiarize yourself with revision control. @DavidJohnGee describes Git
What is DevOps in Simple English – Rackspace
Ivan Pepelnjak @ioshints describes how "Infrastructure as Code" makes sense
@dave_tucker gives a nice "NetOps to DevOps" plan
Bimodal IT – Lydia Leong of Gartner
BONUS: Familiarize yourself with revision control. @DavidJohnGee describes Git
Wednesday, March 11, 2015
Larger, quicker, mobile Networking as in IoT
I was wondering how thousands of new, tiny, mobile devices (such as sensor networks and the Internet of Things) might be assisted by IPv6. Think about the obvious needs introduced:
1) Many Addresses - estimates range from 10's to 100's for every person
2) Low Memory - sensors will be small and somewhat cheap
3) Mobile - where are they going to be and will they be needed elsewhere tomorrow?
4) Low-touch - by sheer numbers managing one-by-one is an impossibility
The current Internet Protocol dominant on the Internet (IPv4) isn't so upstanding for this. The newer version (IPv6) is looking much more handy! Found this article from a European Research project looking into just that.
Check out all their material
1) Many Addresses - estimates range from 10's to 100's for every person
2) Low Memory - sensors will be small and somewhat cheap
3) Mobile - where are they going to be and will they be needed elsewhere tomorrow?
4) Low-touch - by sheer numbers managing one-by-one is an impossibility
The current Internet Protocol dominant on the Internet (IPv4) isn't so upstanding for this. The newer version (IPv6) is looking much more handy! Found this article from a European Research project looking into just that.
 |
| www.iot6.eu |
Tuesday, March 3, 2015
IoT Links Feb-2015
This student paper gives a pretty decent lay of the land.
https://sites.google.com/a/cortland.edu/the-internet-of-things/summary
Cisco's 2011 whitepaper framed things up nicely and is still very relevant.
www.cisco.com/web/.../IoT_IBSG_0411FINAL.pdf
Ecobee, Lyric, and Nest...oh my!
http://smartthermostatguide.com/
Big Data, analytics, and finding value in Internet of things.
http://www.networkworld.com/article/2889975/careers/future-proof-your-it-career-8-tech-areas-that-will-still-be-hot-in-2020.html
Sensor technology will be all the difference for IoT
http://www.forbes.com/sites/tjmccue/2015/02/24/a-butterfly-wing-inspired-sensor-may-save-your-life/
Always wanted my cell phone mic right inside my mouth!
https://wtvox.com/2014/10/top-10-implantable-wearables-soon-body/
https://sites.google.com/a/cortland.edu/the-internet-of-things/summary
Cisco's 2011 whitepaper framed things up nicely and is still very relevant.
www.cisco.com/web/.../IoT_IBSG_0411FINAL.pdf
Ecobee, Lyric, and Nest...oh my!
http://smartthermostatguide.com/
Big Data, analytics, and finding value in Internet of things.
http://www.networkworld.com/article/2889975/careers/future-proof-your-it-career-8-tech-areas-that-will-still-be-hot-in-2020.html
Sensor technology will be all the difference for IoT
http://www.forbes.com/sites/tjmccue/2015/02/24/a-butterfly-wing-inspired-sensor-may-save-your-life/
Always wanted my cell phone mic right inside my mouth!
https://wtvox.com/2014/10/top-10-implantable-wearables-soon-body/
Thursday, October 4, 2012
Regional leadership in IPv6
Network World claims "The US is overtaking the world on IPv6" , but I'm not entirely convinced.
Seems like when the numbers can support the claim such as overall traffic, North America vs. all of Asia numbers are shown. When it's a bit closer, such as in number of addresses or vendor support the numbers are broken down by country to show the US is slightly ahead of China but not all of Asia.
It's nice to see that North America is no longer ignoring the protocol and the future of the Internet. Now let's see how we are doing in percentage of bandwidth and percentage of total users!
Seems like when the numbers can support the claim such as overall traffic, North America vs. all of Asia numbers are shown. When it's a bit closer, such as in number of addresses or vendor support the numbers are broken down by country to show the US is slightly ahead of China but not all of Asia.
It's nice to see that North America is no longer ignoring the protocol and the future of the Internet. Now let's see how we are doing in percentage of bandwidth and percentage of total users!
Thursday, September 20, 2012
SSL and TLS - What do browsers use to encrypt?
I'll spare you all the gory details you can read on wikipedia, but these are protocols used to encrypt data exchanged by browsers and web servers for keeping information private and unchanged. Secure Sockets Layer (SSL) has been through versions 1, 2, and 3. All by 1996 ! Transport Layer Security (TLS) was released as version 1.0 in 1999. (Also a !).
You may often see references to SSL3/TLS1.0 because "TLS 1.0 does include a means by which a TLS implementation can downgrade the connection to SSL 3.0, thus weakening security."
TLS1.1 was defined in 2006. TLS1.2 was defined in 2008. As of 2012, IE9 appears to be the only major browser to support it.
In his great BlackHat 2010 presentation, Ivan Ristic presents great statistics on server support for these protocols discovered during surveying:
You may often see references to SSL3/TLS1.0 because "TLS 1.0 does include a means by which a TLS implementation can downgrade the connection to SSL 3.0, thus weakening security."
TLS1.1 was defined in 2006. TLS1.2 was defined in 2008. As of 2012, IE9 appears to be the only major browser to support it.
In his great BlackHat 2010 presentation, Ivan Ristic presents great statistics on server support for these protocols discovered during surveying:
Monday, August 13, 2012
nping, a ping for more protocols
Nping is really handy when you suspect that ping or traceroute aren't giving you clear results. I really like it for a TCP Connect to a website:
$ nping --tcp-connect -c 3 --delay 2s www.google.com
Starting Nping 0.6.01 ( http://nmap.org/nping ) at 2012-08-13 12:09 MDT
SENT (0.0067s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (0.0209s) Handshake with www.google.com:80 (74.125.225.176:80) completed
SENT (2.0086s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (2.0250s) Handshake with www.google.com:80 (74.125.225.176:80) completed
SENT (4.0113s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (4.0244s) Handshake with www.google.com:80 (74.125.225.176:80) completed
Max rtt: 16.390ms | Min rtt: 13.108ms | Avg rtt: 14.507ms
TCP connection attempts: 3 | Successful connections: 3 | Failed: 0 (0.00%)
Tx time: 4.00581s | Tx bytes/s: 59.91 | Tx pkts/s: 0.75
Rx time: 4.01892s | Rx bytes/s: 29.86 | Rx pkts/s: 0.75
Nping done: 1 IP address pinged in 4.02 seconds
You can also scan MAC addresses on your local subnet:
$ sudo nping --arp-type ARP 172.16.16.1-10 --count 1
Raw packets sent: 10 (420B) | Rcvd: 4 (184B) | Lost: 6 (60.00%)
Tx time: 9.01162s | Tx bytes/s: 46.61 | Tx pkts/s: 1.11
Rx time: 10.01221s | Rx bytes/s: 18.38 | Rx pkts/s: 0.40
Nping done: 10 IP addresses pinged in 14.86 seconds
$ nping --tcp-connect -c 3 --delay 2s www.google.com
Starting Nping 0.6.01 ( http://nmap.org/nping ) at 2012-08-13 12:09 MDT
SENT (0.0067s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (0.0209s) Handshake with www.google.com:80 (74.125.225.176:80) completed
SENT (2.0086s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (2.0250s) Handshake with www.google.com:80 (74.125.225.176:80) completed
SENT (4.0113s) Starting TCP Handshake > www.google.com:80 (74.125.225.176:80)
RECV (4.0244s) Handshake with www.google.com:80 (74.125.225.176:80) completed
Max rtt: 16.390ms | Min rtt: 13.108ms | Avg rtt: 14.507ms
TCP connection attempts: 3 | Successful connections: 3 | Failed: 0 (0.00%)
Tx time: 4.00581s | Tx bytes/s: 59.91 | Tx pkts/s: 0.75
Rx time: 4.01892s | Rx bytes/s: 29.86 | Rx pkts/s: 0.75
Nping done: 1 IP address pinged in 4.02 seconds
You can also scan MAC addresses on your local subnet:
$ sudo nping --arp-type ARP 172.16.16.1-10 --count 1
SENT (4.8530s) ARP who has 172.16.16.1? Tell 172.16.16.11
RCVD (4.8546s) ARP reply 172.16.16.1 is at 1C:DF:DF:53:91:91
SENT (5.8538s) ARP who has 172.16.16.2? Tell 172.16.16.11
RCVD (5.8548s) ARP reply 172.16.16.2 is at 00:26:9F:37:33:33
SENT (6.8556s) ARP who has 172.16.16.3? Tell 172.16.16.11
RCVD (6.9364s) ARP reply 172.16.16.3 is at A4:EF:57:E3:EA:EA
SENT (7.8575s) ARP who has 172.16.16.4? Tell 172.16.16.11
SENT (8.8582s) ARP who has 172.16.16.5? Tell 172.16.16.11
SENT (9.8587s) ARP who has 172.16.16.6? Tell 172.16.16.11
SENT (10.8600s) ARP who has 172.16.16.7? Tell 172.16.16.11
SENT (11.8612s) ARP who has 172.16.16.8? Tell 172.16.16.11
SENT (12.8621s) ARP who has 172.16.16.9? Tell 172.16.16.11
RCVD (12.8656s) ARP reply 172.16.16.9 is at 00:21:CF:BD:1F:1F
SENT (13.8634s) ARP who has 172.16.16.10? Tell 172.16.16.11
Raw packets sent: 10 (420B) | Rcvd: 4 (184B) | Lost: 6 (60.00%)
Tx time: 9.01162s | Tx bytes/s: 46.61 | Tx pkts/s: 1.11
Rx time: 10.01221s | Rx bytes/s: 18.38 | Rx pkts/s: 0.40
Nping done: 10 IP addresses pinged in 14.86 seconds
Friday, July 13, 2012
Integrating routing with CDN
A content delivery network (CDN) is a large distributed system of servers deployed in multiple data centers in the Internet.[citation needed] The goal of a CDN is to serve content to end-users with high availability and high performance.
Uniform Resource Identifier (URI) is a string of characters used to identify a name or a resource on the Internet. - en.wikipedia.org/wiki/URI
Border Gateway Protocol (BGP) is the protocol which is the core routing decisions on the Internet. It maintains a table of IP networks or 'prefixes' which designate network reach-ability - en.wikipedia.org/wiki/BGP
The multiprotocol extensions of BGP has been used to carry many types of information. I stumbled across a great progression on the idea from this NANOG presentation from the guys at Comcast.
Here's their packet capture screenshot. Notice the Address Family - URI.
Uniform Resource Identifier (URI) is a string of characters used to identify a name or a resource on the Internet. - en.wikipedia.org/wiki/URI
Border Gateway Protocol (BGP) is the protocol which is the core routing decisions on the Internet. It maintains a table of IP networks or 'prefixes' which designate network reach-ability - en.wikipedia.org/wiki/BGP
The multiprotocol extensions of BGP has been used to carry many types of information. I stumbled across a great progression on the idea from this NANOG presentation from the guys at Comcast.
Here's their packet capture screenshot. Notice the Address Family - URI.
Friday, June 22, 2012
IPv1 , v2, and v3
I always hear "What happened to IP version 5?" But we've seen the answer many times. "Some experimental testing version".
While reading Charles Kozierok's excellent TCP/IP Guide, I found the history of why IPv4 was actually the first version of IP as in a Layer 3 on it's own. The addressing layer was part of the original Network Control Program and then Transmission Control Program combined into a single Layer3 and 4 functionality. TCP became Transmission Control Protocol by its 'fourth iteration'.
While reading Charles Kozierok's excellent TCP/IP Guide, I found the history of why IPv4 was actually the first version of IP as in a Layer 3 on it's own. The addressing layer was part of the original Network Control Program and then Transmission Control Program combined into a single Layer3 and 4 functionality. TCP became Transmission Control Protocol by its 'fourth iteration'.
Tuesday, June 19, 2012
Why hasn't networking followed Moore's Law ?
Andy Bechtolsheim's keynote at NANOG55 in Vancouver looks into what's been going on with networking versus Moore's Law:
Follow the link to his slides in PDF. There are some fantastic graphs on:
Follow the link to his slides in PDF. There are some fantastic graphs on:
- Server 10/40/100G Adoption Cycle
- Total Datacenter Switch Revenue by Protocol & Speed
Today's custom switch silicon support 64 10G ports on a single chip but forecast to scale by 4X in the next 3 years. He wraps up the presentation looking into ways to alleviate the current high cost of optics slowing down 40G/100G adoption.
Wednesday, June 6, 2012
IPv6 Day
Early today, major web sites enabled their DNS 'quad A' or AAAA entries.
These include google.com, bing.com, facebook.com, yahoo.com, youtube.com and aol.com.
I especially like Facebook's IPv6 address:
2A03:2880:2110:3F03:FACE:B00C::
It looks like traffic to Google over one backbone immediately doubled... Albeit up to almost 2% of total traffic.
I'm told that unlike last year, these updates are planned to be permanent. Sure is a step in the right direction!
These include google.com, bing.com, facebook.com, yahoo.com, youtube.com and aol.com.
I especially like Facebook's IPv6 address:
2A03:2880:2110:3F03:FACE:B00C::
It looks like traffic to Google over one backbone immediately doubled... Albeit up to almost 2% of total traffic.
I'm told that unlike last year, these updates are planned to be permanent. Sure is a step in the right direction!
Subscribe to:
Posts (Atom)