Конфигурация и особенности BGP: Prefix-Independent ConvergenceCisco Russia
Презентация с вебинара, организованного в рамках сообщества Cisco Support Community.
Приглашаем Вас на другие мероприятия Cisco Support Community, а также к участию в жизни нашего сообщества технической поддержки Cisco:
http://cs.co/CSCRu
Presentació a càrrec de Pau Nadeu, d'everyWAN, i Anton Karneliuk, de THG Hosting, duta a terme abans de la celebració de la 45a reunió de la Comissió Tècnica del Punt Neutre d'Internet a Catalunya (CATNIX) el 26 de novembre de 2021.
Конфигурация и особенности BGP: Prefix-Independent ConvergenceCisco Russia
Презентация с вебинара, организованного в рамках сообщества Cisco Support Community.
Приглашаем Вас на другие мероприятия Cisco Support Community, а также к участию в жизни нашего сообщества технической поддержки Cisco:
http://cs.co/CSCRu
Presentació a càrrec de Pau Nadeu, d'everyWAN, i Anton Karneliuk, de THG Hosting, duta a terme abans de la celebració de la 45a reunió de la Comissió Tècnica del Punt Neutre d'Internet a Catalunya (CATNIX) el 26 de novembre de 2021.
Варианты организации на FlexVPN таких конфигураций как L2L VPN (site to site VPN), RA VPN (remote access VPN), DMVPN (dynamic multipoint VPN).
Запись вебинара: https://www.youtube.com/watch?v=GJfFrVRLquU
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
This talk will start with a deep dive and hands on examples of BPF, possibly the most promising low level technology to address challenges in application and network security, tracing, and visibility. We will discuss how BPF evolved from a simple bytecode language to filter raw sockets for tcpdump to the a JITable virtual machine capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss and demonstrate how Cilium with the help of BPF can be combined with distributed system orchestration such as Docker to simplify security, operations, and troubleshooting of distributed applications.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Using eBPF for High-Performance Networking in CiliumScyllaDB
The Cilium project is a popular networking solution for Kubernetes, based on eBPF. This talk uses eBPF code and demos to explore the basics of how Cilium makes network connections, and manipulates packets so that they can avoid traversing the kernel's built-in networking stack. You'll see how eBPF enables high-performance networking as well as deep network observability and security.
SOSCON 2019.10.17
What are the methods for packet processing on Linux? And how fast are each packet processing methods? In this presentation, we will learn how to handle packets on Linux (User space, socket filter, netfilter, tc), and compare performance with analysis of where each packet processing is done in the network stack (hook point). Also, we will discuss packet processing using XDP, an in-kernel fast-path recently added to the Linux kernel. eXpress Data Path (XDP) is a high-performance programmable network data-path within the Linux kernel. The XDP is located at the lowest level of access through SW in the network stack, the point at which driver receives the packet. By using the eBPF infrastructure at this hook point, the network stack can be expanded without modifying the kernel.
Daniel T. Lee (Hoyeon Lee)
@danieltimlee
Daniel T. Lee currently works as Software Engineer at Kosslab and contributing to Linux kernel BPF project. He has interest in cloud, Linux networking, and tracing technologies, and likes to analyze the kernel's internal using BPF technology.
This presentation by Anton Bondarenko (Senior Software Engineer/Architect, Bosch Sensortec, Sweden) was delivered at GlobalLogic Kharkiv Embedded Conference 2019 on July 7, 2019.
Live debugging in Linux is a good method during development but it’s not always possible. Alternative is post mortem debugging. Post mortem analyze includes investigations performed using system snapshot. There are different tools supporting this approach. ‘Crash’ tool is one of them and we will review it in details during Anton’s speech. The talk provided information about different aspects of post mortem analyze like collection, processing and comparison to other methods.
Conference materials: https://www.globallogic.com/ua/events/kharkiv-embedded-conference-2019/
Cobbler - Fast and reliable multi-OS provisioningRUDDER
In a lot of companies, machine deployment is a delicate subject: every administrator has his own recipe, using CD-ROMs, static binary images deployed via the network, peer delegation ...
However, one solution makes the consensus when it comes to automated mass deployments ( except in the Cloud ): PXE boot. The main cons are that the deployment and the management of such a service is a pain, and every OS has its own installation automation system.
This is where Cobbler saves the day: it enables a painless and reliably to create a PXE service, usable on either virtual or physical machines, while beeing the most agnostic possible towards the target OSes and its preconfiguration system (preseed, kickstart, sysprep, ...) while offering the possibility to handle lots of configuration parameters in a modular fashion (network, partitionning, user accounts, configuration management agent...)
This conference aims to introduce the audience to the general concepts of Cobbler, and some scenarios where it would be a useful solution.
Proof of Transit: Securely Verifying a Path or Service ChainFrank Brockners
Traffic engineering, policy routing, or service function chaining are used in many networks today. Unfortunately there is still one hard question left that management or security departments tend to ask: "Can you please prove to me that all traffic that was meant to traverse a specific service chain really followed that path?" Proof-of-transit is here to help: By adding some meta-data to our traffic, we can now provide a packet by packet proof of the actual path followed. This presentation outlines the technology (based on Shamir's Secret Sharing Scheme) as well as the implementation on IOS and FD.io/VPP.
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
- Show you how GoBGP can be used as a software router in conjunction with quagga
- (Tutorial) Walk through the setup of IXP connecting router using GoBGP
EIGRP is a cisco proprietary, Advance distance vector, classless Interior gateway routing protocol.
Released in-1994.
It works on Network Layer of OSI Model.
It use the IP protocol no 88. (It doesn’t use TCP or UDP)
EIGRP AD – 90
Eigrp External routes AD – 170
EIGRP has a maximum hop-count of 224, though the default maximum hop-count is set to 100
Варианты организации на FlexVPN таких конфигураций как L2L VPN (site to site VPN), RA VPN (remote access VPN), DMVPN (dynamic multipoint VPN).
Запись вебинара: https://www.youtube.com/watch?v=GJfFrVRLquU
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
This talk will start with a deep dive and hands on examples of BPF, possibly the most promising low level technology to address challenges in application and network security, tracing, and visibility. We will discuss how BPF evolved from a simple bytecode language to filter raw sockets for tcpdump to the a JITable virtual machine capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss and demonstrate how Cilium with the help of BPF can be combined with distributed system orchestration such as Docker to simplify security, operations, and troubleshooting of distributed applications.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Using eBPF for High-Performance Networking in CiliumScyllaDB
The Cilium project is a popular networking solution for Kubernetes, based on eBPF. This talk uses eBPF code and demos to explore the basics of how Cilium makes network connections, and manipulates packets so that they can avoid traversing the kernel's built-in networking stack. You'll see how eBPF enables high-performance networking as well as deep network observability and security.
SOSCON 2019.10.17
What are the methods for packet processing on Linux? And how fast are each packet processing methods? In this presentation, we will learn how to handle packets on Linux (User space, socket filter, netfilter, tc), and compare performance with analysis of where each packet processing is done in the network stack (hook point). Also, we will discuss packet processing using XDP, an in-kernel fast-path recently added to the Linux kernel. eXpress Data Path (XDP) is a high-performance programmable network data-path within the Linux kernel. The XDP is located at the lowest level of access through SW in the network stack, the point at which driver receives the packet. By using the eBPF infrastructure at this hook point, the network stack can be expanded without modifying the kernel.
Daniel T. Lee (Hoyeon Lee)
@danieltimlee
Daniel T. Lee currently works as Software Engineer at Kosslab and contributing to Linux kernel BPF project. He has interest in cloud, Linux networking, and tracing technologies, and likes to analyze the kernel's internal using BPF technology.
This presentation by Anton Bondarenko (Senior Software Engineer/Architect, Bosch Sensortec, Sweden) was delivered at GlobalLogic Kharkiv Embedded Conference 2019 on July 7, 2019.
Live debugging in Linux is a good method during development but it’s not always possible. Alternative is post mortem debugging. Post mortem analyze includes investigations performed using system snapshot. There are different tools supporting this approach. ‘Crash’ tool is one of them and we will review it in details during Anton’s speech. The talk provided information about different aspects of post mortem analyze like collection, processing and comparison to other methods.
Conference materials: https://www.globallogic.com/ua/events/kharkiv-embedded-conference-2019/
Cobbler - Fast and reliable multi-OS provisioningRUDDER
In a lot of companies, machine deployment is a delicate subject: every administrator has his own recipe, using CD-ROMs, static binary images deployed via the network, peer delegation ...
However, one solution makes the consensus when it comes to automated mass deployments ( except in the Cloud ): PXE boot. The main cons are that the deployment and the management of such a service is a pain, and every OS has its own installation automation system.
This is where Cobbler saves the day: it enables a painless and reliably to create a PXE service, usable on either virtual or physical machines, while beeing the most agnostic possible towards the target OSes and its preconfiguration system (preseed, kickstart, sysprep, ...) while offering the possibility to handle lots of configuration parameters in a modular fashion (network, partitionning, user accounts, configuration management agent...)
This conference aims to introduce the audience to the general concepts of Cobbler, and some scenarios where it would be a useful solution.
Proof of Transit: Securely Verifying a Path or Service ChainFrank Brockners
Traffic engineering, policy routing, or service function chaining are used in many networks today. Unfortunately there is still one hard question left that management or security departments tend to ask: "Can you please prove to me that all traffic that was meant to traverse a specific service chain really followed that path?" Proof-of-transit is here to help: By adding some meta-data to our traffic, we can now provide a packet by packet proof of the actual path followed. This presentation outlines the technology (based on Shamir's Secret Sharing Scheme) as well as the implementation on IOS and FD.io/VPP.
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
- Show you how GoBGP can be used as a software router in conjunction with quagga
- (Tutorial) Walk through the setup of IXP connecting router using GoBGP
EIGRP is a cisco proprietary, Advance distance vector, classless Interior gateway routing protocol.
Released in-1994.
It works on Network Layer of OSI Model.
It use the IP protocol no 88. (It doesn’t use TCP or UDP)
EIGRP AD – 90
Eigrp External routes AD – 170
EIGRP has a maximum hop-count of 224, though the default maximum hop-count is set to 100
MPLS для чайников: основы технологии провайдеров и операторов связиSkillFactory
Вячеслав Васин – CCIE, инструктор Cisco, имеющий практический опыт реализации крупных MPLS-сетей – об особенностях технологии MPLS и о том, как эта технология используется в провайдерских сетях и операторах связи.
Построение территориально распределенных ЦОДCisco Russia
Построение катастрофоустойчивых и распределённых ЦОД традиционно является одной наиболее технически сложных задач в области инфраструктуры центров обработки данных. В рамках этой презентации мы рассмотрим более подробно саму постановку задачи, поговорим о технологических элементах, используемых в её решении, отличиях катастрофоустойчивых и распределённых ЦОД, влиянии расстояния между ЦОД на используемые подходы. Кроме того, мы поговорим о способах связи разнесённых сетей хранения данных, а также кратко рассмотрим подходы, используемые при организации связи территориально разнесённых сетевых фабрик. Сессия будет интересна специалистам, отвечающим за проектирование и эксплуатацию сетей территориально распределенных ЦОД.
Обзор Сервисных Услуг Cisco в России и странах СНГ.Cisco Russia
Обзор Сервисных Услуг в России и странах СНГ.
Сервисные Услуги в России и странах СНГ делятсяна Базовую и Расширенную техническую поддержку.
БАЗОВАЯ ТЕХНИЧЕСКАЯ ПОДДЕРЖКА 1. Центр Технической Поддержки (ТАС) Центр технической поддержки Cisco TAC предоставляет Заказчикам быстрый доступ к технологическим экспертам с опытом диагностики и решения самых сложных проблем.
Cisco TAC обладает развитой системой управления запросами, которая позволяет оперативно направить проблему в соответствующую технологическую команду или перевести на следующий уровень поддержки, если проблема не решена в заданный период.
Cisco TAC предоставляет круглосуточную поддержку по всему миру.
Клиентские контракты на техническую поддержку Cisco Smart Net Total CareCisco Russia
Клиентские контракты на услуги технической поддержки Cisco Smart Net Total Care
Cisco Smart Net Total Care (SNTC) — это контракт на услуги технической поддержки Cisco.
Cервис сочетает в себе ведущие в отрасли и получившие множество наград технические сервисы с дополнительно встроенными инструментами бизнес-аналитики, которые получает Заказчик через встроенные интеллектуальные возможности на портале Smart Net Total Care.
Запись вебинара "Решения компании Cisco для операторов связи по защите от взлома и вредоносного программного обеспечения": https://ciscoclub.ru/resheniya-kompanii-cisco-dlya-operatorov-svyazi-po-zashchite-ot-vzloma-i-vredonosnogo-programmnogo-o
Запись вебинара "Решения компании Cisco для операторов связи по защите от взлома и вредоносного программного обеспечения": https://ciscoclub.ru/resheniya-kompanii-cisco-dlya-operatorov-svyazi-po-zashchite-ot-vzloma-i-vredonosnogo-programmnogo-o
Запись вебинара "Решения компании Cisco для операторов связи по защите от взлома и вредоносного программного обеспечения": https://ciscoclub.ru/resheniya-kompanii-cisco-dlya-operatorov-svyazi-po-zashchite-ot-vzloma-i-vredonosnogo-programmnogo-o
Профессиональные услуги Cisco для Software-Defined AccessCisco Russia
Как реализовать SDA, создать стратегию, которая будет сопоставлена с бизнес задачами, оценить готовность к трансформации, успешно и максимально надежно реализовать намеченные планы.
Обнаружение известного вредоносного кода в зашифрованном с помощью TLS трафик...Cisco Russia
О работе группы исследователей компании Cisco, в которой доказана применимость традиционных методов статистического и поведенческого анализа для обнаружения и атрибуции известного вредоносного ПО, использующего TLS в качестве метода шифрования каналов взаимодействия, без дешифровки или компрометации TLS-сессии. Также рассказано о решении Cisco Encrypted Traffic Analytics, реализующем принципы, заложенные в данном исследовании, его архитектуре и преимуществах.
Промышленный Интернет вещей: опыт и результаты применения в нефтегазовой отраслиCisco Russia
Как компания Cisco способствует цифровой трансформации предприятий нефтегазовой отрасли. Описание внедренных проектов, полученных результатов, обзор примененных архитектур.