Category: Worth Reading

Use the email sent by Randy Bush to RIPE routing WG mailing list every time a security researcher claims a technology with no built-in security mechanism is insecure (slightly reworded to make it more generic).

Lately, I am getting flak about $SomeTechnology not providing protection from this or that malicious attack. Indeed it does not.

Erik Hoel published a wonderful article describing how he’s fighting the algorithm that is deciding whether to approve a charge on his credit card.

My credit card now has a kami. Such new technological kamis are, just like the ancient ones, fickle; sometimes blessing us, sometimes hindering us, and all we as unwilling animists can do is a modern ritual to the inarticulate fey creatures that control our inboxes and our mortgages and our insurance rates.

Julio Perez wrote a wonderful blog post describing how he combined netlab and containerlab¹ to build Arista cEOS labs.

Hint: when you’re done with that blog post, keep reading and add his blog to your RSS feed – he wrote some great stuff in the past.

Found a pointer to another you cannot beat the laws of physics or networking result: you cannot avoid latency spikes with end-to-end congestion control regardless of the amount of unicorn dust or hype you’re throwing at the problem (original paper).

Have to work with VMware SD-WAN (the entity formerly known as VeloCloud)? You might find interesting tidbits in Crazy about VMware SD-WAN by Alexander Marhold.

Stumbled upon a totally unexpected fun fact:

Every server vendor either peaked or hits the peak of maximum units sold per quarter in 2015. In the years that follow, the monthly averages drop.

Keep that in mind the next time Cisco sales team comes along with a UCS presentation.

Years ago, I compared EVPN to SIP – it has a gazillion options, and every vendor implements a different subset of them, making interoperability a nightmare.

According to Andrew Alston, SRv6 is no better (while being a security nightmare). No surprise there.

Tom Hollingsworth published a more eloquent version of what I’ve been saying for ages:

• Complexity belongs to the end nodes;
• Network should provide end-to-end packet transport, not a fix for every stupidity someone managed to push down the stack;
• There’s nothing wrong with being a well-performing utility instead of pretending your stuff is working on unicorn farts and fairy dust.

Obviously it’s totally against the vested interest of any networking vendor out there to admit it.

Christoph Jaggi, the author of Ethernet Encryption webinar and ethernet encryptor market overviews launched a new site in which he collected tons material he created in the past – the network security and news and articles sections are definitely worth exploring.

I’m positive that this pointer to The Gift of It’s Your Problem Now by Avery Pennarun will generate similar comments to the blockchain one: “he’s an idiot, and you’re an idiot for wasting my time posting this”.

That might be true, but in that case he’s my kind of idiot, and you shouldn’t complain about a gift anyway – there are tons of high-quality lolcats videos waiting for you instead.