馬嘶的網路大道

https://www.youtube.com/watch?v=A7GrIWKkGUQ  by Tom Anschutz 原以為NFV 就是將原使用專屬硬體的網路設備變成虛擬版本跑在 資料中心的大量伺服器中 ， 再用新種的services chaining把他串起來 看完這youtube和這兩頁, 我想有domain knowhow的人員其實未來還是很被需要 的, why? AT&T在想的絕不是這麼簡單, 我記得有評論說NFV 能大幅改變網路規劃的 方式, 是以全網當成一個系統,  將控制與轉發分離的天條,  仔細的審視各功能的 整併, 建立一個可全系統調度的網路服務, 個別技術不是重點, 高彈性的網路服務才是 不過,  這一切還是軟硬體已到達可思考實作的起始臨界點, 很多技術或範本都還不存 在 ,  但是 , 真的好玩的來了 ,  五年的困惑也有了一些解答

搞技術到老真的要有覺醒, 你得不斷的學習, 其實,  學也就算了,  難的是難入門, 要當可悲的 菜鳥(要老鳥被踐踏是很難受的,因為那是遙遠的記憶) anyway, 不是真有興趣也走不到這一步,  都已經菜過了 ,  就不能白白放掉,  要持續跟上, 其實"難入門"的一大主 因,  是很多領域連那唯一的一本書都沒有(例如 load balancer, , proxy/cache..), 此外, 你必須知道這領域的歷史,  包袱,  未來可能的進展 唉 IP https://www.ietf.org/ RFC有空還是要看看有沒有新的 https://www.nanog.org/ https://www.ripe.net/ 每一季都有會議 http://www.lightreading.com/ https://www.sdxcentral.com/ http://blog.ipspace.net/ Mobility http://blog.3g4g.co.uk/ http://www.4gamericas.org/en/resources/white-papers/ http://www.rysavy.com/writing http://mobilesociety.typepad.com/mobile_life/ http://disruptivewireless.blogspot.tw/ Application delivery/performance https://devcentral.f5.com/ https://devcentral.f5.com/users/38/my-contributions/typeid/42 http://apmdigest.com/ http://apmblog.compuware.com/ https://www.igvita.com/ https://sharkfest.wireshark.org/ Security SANS Reading Room http://www.darkreading.com/ http://krebsonse

http://blog.ipspace.net/2015/06/another-spectacular-layer-2-failure.html quote from  "And this is the reason why I always tell people that when a port is unused you have to configure it as a L3 port ("no switchport" in Cisco/Arista terms) rather than have it shutdown..."

https://blog.avinetworks.com/2014/12/01/3-customer-stories-that-helped-shape-avi-networks 以下節錄一段 網路軍火商不要想著賣東西給自家就能造軍火的公司 此外,SDN不是要顧客的network team寫code, 對客戶而言 把問題解決是第一要務, 背後解法不是最重要的 One of my initial chats was with the CIO of a large public e-commerce company. My curiosity was piqued when he told me he didn't want staff experts who are “an inch wide and a mile deep.” Instead, he wanted smart, innovative generalists who could focus on the big problems. “I have every tool under the sun, whether for performance or visibility or acceleration,” he said. “ But I don’t have folks who understand these tools. I can’t attract that kind of specialized talent, and it’s too expensive.” Today, a big part of our mission is to  mask technical complexities  from the user by engineering solutions that are not only “intelligent,” but intuitive and  exceedingly simple to use . And simple is not easy. Simple is the removal of everything except what matters, and that takes longer and is much

ONS 2015 video 熱騰騰, Amin Vahdat的keynote還是最多人關注 Google的影響力可見一斑, 此外Amin 的演說精簡 直指要點, 聽來很是享受與具高度啟發性, 尤其是 簡報完後的Q&A 期待九月的更多細節

Experience in architecting large IP/MPLS and DC networks.  Expert in BGP, OSPF, IS-IS. Expert in TCP/IP protocol stacks and experimental performance enhancements. Deep knowledge of IPv6, network security, and protecting control planes. >>Solid understanding of Linux routing Experience with SDN Technologies (OpenFlow, OVS, IO-Visor, Nuage, OpenContrail, BigSwitch, etc) >>Proficient in reading and writing Python, Bash, Perl, Ruby. >>Knowledge of automation frameworks (Ansible, Chef, Puppet, etc.)  Deep understanding of Optical technologies, DWDM, and modern data center architectures.

http://www.wired.com/2015/06/google-reveals-secret-gear-connects-online-empire/ 昨天熬夜聽ONS google 的演講, google 不止運算與網路硬體自己來, 連協定 也自己創造一個, 這讓我想起Qfabric的巨大失敗,我想那時google 的人在聽J 的簡報時不知在想什麼, Qfabric可是花了超多錢, 排擠掉多少內部專案,才搞 定的, google到底花了多少人力與金錢, 他們真的比較聰明嗎? 網路業界可能不服氣, 畢竟google要發展最符合他們需要的設備(多的功能不要), 網路業界要發展可以賣給很多人的設備(一堆雜七雜八的功能) 多數企業不可能花這樣多的訂製工作(連facebook都沒吧), 網路業界也要認清 ultrascale的設備是不可能賣給google的

https://www.sdxcentral.com/articles/news/cord-onos-att/2015/06/ I remembered other term invented by J called NGCO

http://www.techbang.com/posts/24170-far-eastone-through-the-volte-audit-a-second-can-be-connected-to-the-4g-cal l

http://www.nuagenetworks.net/network-virtualization-overlay-and-underlay-design/

HTTP/2 is here E2e的SSL更是大問題, browser/OS出怪招,就只能bypass了

http://valerieaurora.org/tcpip.html

Python 程式設計入門

http://blogs.wsj.com/cio/2015/05/11/google-moves-its-corporate-applications-to-the-internet/ http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/43231.pdf http://buzzorange.com/techorange/2015/05/14/google-beyondcorp/ 畫重點 基本假設是，內部網絡實際上跟互聯網一樣危險。因為 1）一旦內網邊界被突破，攻擊者就很容易訪問到企業內部應用。 2）現在的企業越來越多采用移動和雲技術，邊界保護變得越來越難。所以乾脆一視同仁，不外區分內外網，用一致的手段去對待。 "這種訪問模式要求客戶端是受控的設備，並且需要用戶證書來訪問。"在這種模式下，信任關係從網絡層面遷移到了設備層面。

some backhaul bandwidth calculation 2G - per antenna/basestation 5Mbps 5Mhz - GSM carrier -200kHz = 25 carriers 7 channels per carrier -> so 175 channels HSPA+ 22/42 Mbps ( up/down) (using  5Mhz) LTE 86/326 Mbps ( if 20Mhz) how much bandwidth improvement via LTE 20Mhz( who has 20Mhz?) LTE design for telecom - key objective is latency LTE still is highly telecom optimized( why using expensive telecom oriented network technology to serve internet traffic? - Do we really need 10ms or even 1ms latency? bad baby discipline ( 壞寶寶)- spend huge efforts to serve poor quality users Wide LTE deployment is because of WiMAX competition WiMaz ( since 2000- called Worldwide interoperability of "microwave" access) - it was backhaul microwave technology 802.16d fixed WiMAX then mobile WiMax 802.16e ( by Sprint) Why Intel promoted WiMax/WiFi -> push more computing requirements -- same as virtualzation or NFV ...... Qulacomm was the killer to WiMax Death of

http://www.lightreading.com/business-employment/roi-tco/new-ip-bigger-better/a/d-id/713931?

https://fasterdata.es.net/science-dmz/

http://etherealmind.com/why-firewalls-wont-matter-in-a-few-years/ 其實這還是兩種 IT運算環境的爭論, 像google不愛 VM, 可能不甩 compliance , 有一堆超強攻城師, 一般企業可沒有, 一般企業的雇員也有 買 IBM/Cisco不會被fired 的迷思 這類想法能提供另一面的思考方向,  但說firewall在幾年內就無關緊要 是聳動了點, 不過,  不這麼寫, 有人會看嗎 AppSec is Eating Security AppSec is Eating Security from Alex Stamos