while looking through recent IETF meeting notes i found interesting idea - splitting OSPF area zero without incurring outage. it’s very interesting idea for flawless, in-service migrations. on the other side, another OSPF concept that I was afraid somebody will bring up is… enabling FlowSpec capabilities. oh my… also, overlay networking effort is gaining grounds, with architectural choices as well as security. it’s interesting how much longer it will take....
quite recently Piotr Jabłoński, one of the best architects and consultants in Polish Cisco Systems office presented session very similar to this post topic during our CCIE club meeting. independently, this topic is often brought back on CCIE.pl forum, and Mirek Burnejko asked for couple of comments with regards to growth of whitebox networking. so… does rise of SDN really mean end of the world for CCIE? yes and no....
as I read a lot of books, at some point I decided to share those worth mentioning here. partly so you can see what I’m reading, partly - to have a good summary about those books. let’s start - over last two weeks I’ve managed to read: How Google tests software - great book for everyone that deals with software development, process optimization or simply building their own company. it demonstrates how important is to get feedback from users, and how hard it is to built whole compliance system right from the beginning....
i’m just finishing upgrading my different servers from FreeBSD 9 to FreeBSD 10.1-STABLE. …and i just realized, that my FreeBSD adventure started around 4.1 (well, i may have got older 3.4 CDs, but didn’t install it then yet). and it was 14 years ago today. it was just after i, like thousands of linux users around the world, tried to upgrade glibc libs on the fly on my beloved (at that time and today) Slackware installation....
it seems that F-35 can’t end it’s failure series. despite GAO audits, model of building military equipment for biggest army in the world didn’t change a bit since end of second world war. they’re still ordering and building things that will bring maximum revenue to military vendors and not what military customers actually need. i immediately got back to one of the articles i’ve read recently in ACM Queue - responsive enterprise: embracing the hacker way....
…on the performance of virtualized network stack different cloud providers. plus - couple of slides and some speculations about how AWS is built.
…people using dialup connections. those poor people stay need them to take advantage of restricted Internet services provided by AOL. a year ago at that time, still around 2.6 million of US citizens were connecting to internet that way. …and you think that your 1Mbps upstream link is not enough? ;P
some time ago I changed my BIND at home to Unbound, due to the change of the default DNS server in FreeBSD (yes, I do have my own DNS server at home, and it serves all local queries). actually, I have four right now ;) back in BIND times, i used a lot of scripts to add zones containing 127.0.0.1 for domains serving ads. after switching to Unbound - i forgot about it completely....
it’s better not to know, how thick the wall is. you may have too short run. anonymous
quite recently i described my own new workstation. it has dual Xeon processors, and today i decided to upgrade memory from 128GB to 256GB (yeah, i use to run a lot of VMs). so below you can see the outcome - 256GB RAM, 2 physical CPUs, 16 cores, 32 threads: great advantage of having such beast at your disposal is that you simply can run everything thrown at it. it’s quiet, it’s effective and it also doubles as great gaming station....
…gave me food for thought. i counted 18 books in different places around my house, that i was trying to read at the same time. today in the morning i decided it doesn’t make any sense, and it’s exactly the opposite approach i should take. so, books landed in stack, into nice queue. i’ll be reading two books at the same time from today onwards - starting with ’essentialism’ and Pratchetts ‘Raising Steam’....
…i’m reading right now an interesting book - Essentialism. it beatifully demonstrates how to decide where it is worth to invest your time and energy. and it gives you great framework for doing just that. another theory, you’ll say? well, 37signals, builders of the great web apps announced they’ll… drop all other projects and focus on only one - Basecamp. that’s how you put theory to practice. by the way - i highly recommend all of the 37signals books, they’re great source of proven advices how to build your own business and how to choose paths in life....
…or who needs them anyway today? there’s interesting article written down by one of Google employees, that perfectly describes how ineffective today standard bodies are, and how less and less influence they have on the market. cisco decided to spearhead new solutions without waiting for multi-year discussions, true to the ‘good description and working code’ motto. if we wouldn’t be doing that, there would be no PVLANs, FabricPath (TRILL) but also protocols like LDP or HSRP/VRRP/GLBP....
…supports BGP and it’s already out. do you like BGP on your firewalls? i don’t. should we have the tool in hand, just in case? well, sometimes it’s handy. but going back again - do you like BGP on your firewalls? ;)
in 2002 it was calculated that to reach closest star (Proxima Centauri), multigenerational crew would need to start with at least 150 to 180 men and women. latest simulations show however, that to guarantee gen variance you’d need to take between 10000 and 40000 people onboard. it would be interesting to see how those plans will end up - we will stay on Earth until Sun burns out, we’ll kill each other or maybe we’ll start finally intergalactic travels?...
all memory and CPU related features in IPv6 world is major challenge even for modern hardware. unfortunately this is emphasized with lack of best practices followed by developers writing code. i just noticed there’s Microsoft Windows problem with IPv6 RA. it seems that actual problem is not limited only to RA, but actually - to the whole networking stack when working with link-local addresses. under Microsoft Windows code is allocating memory pretty recklessly....
let me quote book i’m reading now: A quick hypothesis: say one million monkeys speculate on the stock market. They buy and sell stocks like crazy and, of course, completely at random. What happens? After one week, about half of the monkeys will have made a profit and the other half a loss. The ones that made a profit stay; the ones that made a loss you send home. In the second week, one half of the monkeys will still be riding high, while the other half will have made a loss and are sent home....
it will be unique opportunity in Poland and in this part of Europe. with group of my dear friends and design masters - Piotr Jabłoński, Sebastian Pasternacki and Piotr Matusiak i’ll be delivering bootcamp-type of training for CCDE. we’re starting on 5th of may - and you can find more details here.
…workstation requires two! ;) i had some time over Christmas to finally build myself following beast: Asus Z9PE-D8 WS (BIOS 5304, original 3304 had some interesting bugs Xeon E5 2660 (Sandy Bridge EP/EX) - 16 cores, 32 HT Corsair H80i for CPU cooling 64GB RAMu (8x 8GB DDR3 1600 ECC) OWC 480GB PCIe - has two 240GB blades in RAID0 Corsair Obsidian 900D 2x Seagate 4TB HDD [6x Samsung 2TB] LSI 9261-8i to drive those mechanical disks in RAID5 Creative SB ZX AMD Radeon 7970 connected to three Dell U2412 monitors Intel x520 NIC connected to Catalyst 2960S and to other workstation - Xeon 5670, 48GB RAMu, OWC 240GB as boot and two 2TB RAID0 disks as RAID0 for ESXi 5....
don’t start your php upgrade at 2:40 in the morning. as you’ll stay awake until 5am :)
Jennifer Lawrence phenomenon (i can’t quite get Hunger Games popularity, but i love Silver Linings Playbook. how you should do proper conference badges (oh yeah, we’re learning!), Department of Defense outsources to private company management of their own images and movies archive for 10 years, RSA accepted 10M$ of bribe from NSA to promote weaker encryption algorithm and last but not least - DARPA vision of autonomic SkyNet network from eightees....
it seems that GPUs can be reasonably well tasked to handle additional work that x86 CPUs simply can’t. i’m talking about network monitoring and NetFlow processing - good reading when travelling or before sleep.
Christmas are coming, and traditionally that means good time of the year to push people to buy things they don’t need. in Poland, companies generally don’t care what Customer wants. and don’t listed in the process of ignoring him/her. why are companies selling services choose not to listen? they don’t care? i was talking about this paradox during Cisco Connect, but in reality i was just repeating what everyone sane enough to think shouts left and right - we want customized offer, not something off the shelf....
you spend a lot of time preparing OVA to save time in future and enable cloning. then, during importing to remote ESXi you get following error message: Failed to deploy OVF package: The task was canceled by a user.. i didnt’ cancel anything! it’s frustrating, and it seems its a small problem on import format side, not on user side. OVA is simple ZIP file that can be unpacked, so you should do so....
…so I decided to use youtube to find my favorite Monty Python series, Program will resume soon (quite specific Polish series - BTW, never published on DVD!). i was also able to find archive of our old polish IT magazines - Bajtek, Top Secret and Secret Service. my own archive, collected over years and protected from everyone fell prey one day to suprise ‘cleaning’ organized in the basement where it was stored....
i just got hold of interesting document. let me quote it: As remarked in this table the Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes. From the point of view of a security analysis the behavior of the Windows version is problematic. By an analysis of the decrypted header data it can’t be distinguished whether these are indeed random values or a second encryption of the master and XTS key with a back door password....
after reading ridiculous, made up story of british SAS, hiding under alias “Andy McNab”, trying to tell his version of Rambo&Commando-style fictious account of Iraq operation i couldn’t find story that was so exaggerated and made-up. in reality, his total ineffectual commanding style and bravado led to death one of his own team members, and injuries as well as captivity for rest of them. that was independently verified by Michael Asher and Peter Ratcliffe....
on the upcoming thursday, 10th of october at 7pm i’ll do a short talk with Maciej Broniarz from Warsaw University about security from not-so-typical point of view. please register and see you in Leon Koźmiński Academy hall.
…are better at building TCP stacks than we are. i came across the track of an interesting project - RemyCC, providing greater efficiency and at the same time a better division and lower delays (on average). it is worth to look.