
Posts

Showing posts from 2016

MITM: once is enough

For a typical enterprise, outbound (inside-to-outside) traffic can be handled this way; for traffic coming in from outside, SSL offload can hand the decrypted stream to the WAF.

FPGA in networking - turbo flex as example

https://f5.com/about-us/blog/articles/iseries-not-just-a-better-bigger-faster-big-ip-23134 "In addition, an FPGA can respond to traffic with bounded latencies, ensuring that traffic can be handled appropriately and with a uniform performance level, even under load—unlike a CPU, where software performance can vary as other software vies for the same CPU resources. Specifically, when software is used to direct traffic and the CPU is under load, such as during a DDoS or SSL negotiation attack, the CPU and software responsiveness decreases, reducing the ability of the ADC to manage the attack. Conversely, when an FPGA directs traffic, it will respond predictably, regardless of the load on the CPU."
https://www.top500.org/news/microsoft-goes-all-in-for-fpgas-to-build-out-cloud-based-ai/
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/10/Cloud-Scale-Acceleration-Architecture.pdf
https://www.microsoft.com/en-us/research/wp-content/uploads/2014/06/HC26.12.520-Recon-Fabric-P

SLB vs NGFW: which goes in front?

Encryption and DPI

http://the-mobile-network.com/2016/06/encrypted-traffic-to-hit-80-of-all-data-in-some-mobile-networks-in-2016/ "The company said that it expected as much as 80% of data on some mobile networks may be encrypted by the end of 2016, with 70% of all internet traffic encrypted by the end of 2016."
http://the-mobile-network.com/2015/01/how-encryption-threatens-mobile-operators-and-what-they-can-do-about-it/ "trusted proxies": "It is unsurprising that the web and app communities are unwilling to consider 'trusted proxies', firstly as there's a general dislike of proxies, and secondly because that trust has been abused in the past."
http://telecoms.com/39718/encryption-will-it-be-the-death-of-dpi/ "DPI platforms cannot break the encryption and look inside the packets."
>> SSL inspection (aka MITM) only works in a controlled environment, because an enterprise controls the gateways, the endpoints and the certificate policy (it can push its own inspection CA to every client); a carrier controls none of these. "In order to think about how a DPI platform can function in an environm

LTE is not based on CDMA

Why no Soft Handover in LTE ? Orthogonality in LTE Cell-edge reception (which was at the core of Soft HO design in WCDMA) issue is not quite applicable in LTE networks because of orthogonality in both uplink and downlink. Therefore soft handover can be dropped from the LTE system.

gRPC streaming

http://www.grpc.io/docs/guides/index.html https://github.com/grpc/grpc.git "gRPC is based around the idea of defining a service, specifying the methods that can be called remotely with their parameters and return types. On the server side, the server implements this interface and runs a gRPC server to handle client calls. On the client side, the client has a stub (referred to as just a client in some languages) that provides the same methods as the server."
<1> Define the structure for the data you want to serialize in a proto file: this is an ordinary text file with a .proto extension.
Homework: http://www.grpc.io/docs/quickstart/python.html http://www.grpc.io/docs/tutorials/basic/python.html#bidirectional-streaming-rpc-1

The Network Gear Economy Is Becoming Commoditized

http://www.datacenterknowledge.com/archives/2016/12/01/amazon-vp-network-gear-economy-becoming-commoditized/ no single vendor of vertically-integrated network gear is capable of responding to architecture-centered network problems within a timeframe any narrower than six months. “Vertically-integrated networking equipment, where the ASICs, the hardware, these protocol stacks [ were ] supplied by single companies, is [ like ] the way the mainframe used to dominate servers,” said Hamilton. “If you look at where the networking world is, it’s sort of where the server world was 20 or 30 years ago.  It started out with, you buy a mainframe. . . and that’s it.  And it comes from all one company.  The networking world is the same place.  And we know what happened in the server world:  As soon as you chop up these vertical stacks, you’ve got companies focused on every layer, and they’re innovating together, and they’re all competing.  You can get great things happening.” In certain f

Everyone else gets only the crumbs

http://www.lightreading.com/services/ott/google-both-best-telco-partner-and-biggest-threat---hr-survey/d/d-id/728815? Nevertheless, a number of telcos believe a WIC will at some point buy a Tier 1 operator. About a quarter of the telco respondents to Heavy Reading's survey said this would "definitely" happen. And according to Donegan, not a single respondent said that it "definitely" would not.

Lessons From Defending The Indefensible

real use case for openflow

http://blog.ipspace.net/2016/12/response-on-death-of-openflow.html
Really hard to:
- Detect non-trivial link failures in milliseconds (that's why we have BFD);
- Respond to real-time events in a reasonable timeframe;
- Respond to control-plane requests (ARP/ND) from a very large number of hosts;
- Run chatty edge protocols (LLDP, LACP, STP …) on a large number of ports.
Extensions to OpenFlow solve some of this, but lose interoperability.
"Fancy programmable patch panel" <brilliant, a naming expert>: does not require control-plane protocols, is not time-sensitive, needs no real-time response to failures. No control-plane protocols; no real-time response to topology change events; no real-time response to link failures. You'd either use a single uplink or a pre-computed backup path.
"Programmable ACL/PBR" <brilliant, a naming expert>: programmable traffic tapping; flexible endpoint (host) authentication; per-user packet filters installed into edge devices; interesting load balancing scenarios of long-live

Scary

Software "X"

This has to be a long-term commitment; a buyer that only bosses its suppliers around gets nowhere. Once what the customer needs can be delivered at an "exponential" multiplier, and others have already completed their platforms, that barrier is not something you can catch up to just because you decide to chase it. Suppliers also have to think: when the buyer is certain to die, what is the piece of driftwood that keeps them alive?

Telcos that cannot transform into OTTs will eventually die outright; just wait for it

http://blog.cimicorp.com/?p=2880 The Chinese, Korean and Japanese telcos all at least have a roadmap. So........ Bit commoditization: "Bandwidth isn't intrinsically valuable to consumers or businesses—it's a resource they can harness to do something that is valuable." Transformation: "the future of network operators is to look more like OTTs ... That platform may then utilize connection services differently, but the platform transformation has to come first." "If you run a network and provide connection services using fiber or copper, mobile or satellite, IP or Ethernet or maybe even TDM, then you have the same basic challenge of bandwidth commoditization. How do you meet that challenge? You reduce current service cost and you chase new service revenues. How do you do that? You evolve from a business model of connecting stuff (which provably means you connect your OTT competitors to customers and disintermediate yourself) to being the stuff that users want to connect with."

My predictions

- DPI probes are ultimately useless, because of SSL everywhere
- SSL decryption is only usable in the enterprise; telcos should not even think about it. SSL everywhere is simply the web-scale companies' open conspiracy
- Telcos will eventually die outright
- A decoupled control plane only works in specific scenarios; only a distributed one keeps you from being boiled alive
- Bye, OpenFlow

reminders

Software or Hardware: China Telcos Tell Huawei to Decide "If you do software your value is much higher than with hardware," he said. With the growth of open source in telecoms, "you don't need to reinvent the wheel. You just add your own things on top." "Huawei should not have the mindset that customers will buy hardware and software together. If you go down this path you may run into problems in ten years or so."  Huawei faced the question of whether it "becomes a software integrator or a hardware manufacturer."

bgp usage summary

Networks are not static

- Scale of CLOS networks is not manageable without automation
- Problem: networks are not static
- The desired state of the network is mutable
- The desired configuration is a function of desired state and current state
- Solution: a state machine can be used to track the progression from current state to desired state
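An added illustration of the last two bullets, written for this page and not taken from the talk or from any product: a small reconciliation state machine that computes the configuration as a diff between desired and observed state, re-reads the device after every apply instead of trusting the write, and loops until observed equals desired, with a bound on retries so drift or a rejecting device ends in FAILED rather than in an infinite loop. The device model, the interface names and the rule that the device rejects the first attempt on any interface whose name ends in 9 are constructed for the example.

```python
from dataclasses import dataclass, field
from enum import Enum


class Phase(Enum):
    OBSERVE = "observe"
    PLAN = "plan"
    APPLY = "apply"
    VERIFY = "verify"
    CONVERGED = "converged"
    FAILED = "failed"


def compute_plan(current, desired):
    """Desired configuration is a function of desired state *and* current
    state: only the difference becomes actions, so re-running is idempotent."""
    actions = []
    for name, want in sorted(desired.items()):
        have = current.get(name)
        if have is None:
            actions.append(("create", name, want))
        elif have != want:
            actions.append(("update", name, want))
    for name in sorted(current):
        if name not in desired:
            actions.append(("delete", name, None))
    return actions


@dataclass
class Reconciler:
    device: dict                 # simulated device; what OBSERVE reads back
    desired: dict                # mutable on purpose: callers change it between runs
    max_rounds: int = 5
    phase: Phase = Phase.OBSERVE
    observed: dict = field(default_factory=dict)
    plan: list = field(default_factory=list)
    trace: list = field(default_factory=list)
    attempts: dict = field(default_factory=dict)

    def observe(self):
        self.observed = {k: dict(v) for k, v in self.device.items()}

    def apply(self, action):
        verb, name, cfg = action
        self.attempts[name] = self.attempts.get(name, 0) + 1
        # Constructed flaky device: the first attempt on any interface named
        # '*9' is rejected, so only the VERIFY phase can notice the gap.
        if name.endswith("9") and self.attempts[name] == 1:
            return False
        if verb == "delete":
            self.device.pop(name, None)
        else:
            self.device[name] = dict(cfg)
        return True

    def run(self):
        self.phase, self.trace, rounds = Phase.OBSERVE, [], 0
        while self.phase not in (Phase.CONVERGED, Phase.FAILED):
            self.trace.append(self.phase)
            if self.phase is Phase.OBSERVE:
                self.observe()
                self.phase = Phase.PLAN
            elif self.phase is Phase.PLAN:
                self.plan = compute_plan(self.observed, self.desired)
                self.phase = Phase.APPLY if self.plan else Phase.CONVERGED
            elif self.phase is Phase.APPLY:
                for action in self.plan:
                    self.apply(action)      # a rejected action is not retried here
                self.phase = Phase.VERIFY
            elif self.phase is Phase.VERIFY:
                rounds += 1
                self.observe()              # re-read the device; never trust the write
                if not compute_plan(self.observed, self.desired):
                    self.phase = Phase.CONVERGED
                elif rounds < self.max_rounds:
                    self.phase = Phase.PLAN
                else:
                    self.phase = Phase.FAILED
        self.trace.append(self.phase)
        return self.phase


if __name__ == "__main__":
    dev = {"xe-0/0/1": {"vlan": 10, "enabled": True},
           "xe-0/0/2": {"vlan": 20, "enabled": True}}
    want = {"xe-0/0/1": {"vlan": 10, "enabled": True},
            "xe-0/0/2": {"vlan": 30, "enabled": True},
            "xe-0/0/9": {"vlan": 40, "enabled": False}}
    r = Reconciler(device=dev, desired=want)
    print(r.run(), [p.value for p in r.trace])
```

The point of the VERIFY phase is that the observed state, not the apply result, decides whether the machine is done; that is what makes the loop survive both a rejected change and drift introduced behind its back.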

open and simple

https://www.nanog.org/sites/default/files/20160922_Quinn_Being_Open_How_v1.pdf Segmentation of peering, backbone, and compute layers. Evolving beyond BGP … with BGP <excellent!>
• Feed telemetry to a controller that speaks BGP
• Use the language of BGP with forwarding elements
• BGP "best" paths become the real best paths

well

ODL summit 2016

Keynote: History of SDN Control at AT&T - Chris Rice
OpenDaylight Clustering Infrastructure & Applications - Jan Medved & Robert Varga
Building a Virtualized Central Office (CORD) - Azhar Sayeed

Well , you are not Google

https://www.sdxcentral.com/articles/news/googles-network-needs-five-controllers/2016/10/ Evolution of SDN in Google’s Network Infrastructure- Vijoy Pandey

5G and beyond

from Pradeep

http://www.networkworld.com/article/3130229/software-defined-networking/pradeeps-principle-give-up-on-moores-law-and-embrace-automation.html Below are the elements of network automation as outlined by Sindhu:
- Intent-based operational configuration
- Intent-based service instantiation
- Centralized network optimization
- Telemetry based on push semantics
- Standards-based interfaces for configuration, telemetry, service definition and path optimization
- Hierarchical representation to handle scale and distance

Everyone gets old; it's just a question of whether you keep chasing

http://www.bnext.com.tw/article/view/id/41192 "If you have worked at a big company for more than 10 years and then get laid off, your skills will be six generations behind (technology iterates very fast in this era, and an engineer who hasn't learned new technologies isn't very competitive)," said Jonathan Nelson, founder of the Silicon Valley social network Hackers/Founders. "I know some engineers in their 40s and 50s who are re-learning app programming and big data, and some who have gone off to drive for Uber."

5G

In terms of the overall 5G definition, or the vision as a whole, we already have industry consensus that 5G will be built around three use cases: enhancing mobile broadband; massive machine type of communication; and ultra-reliable low-latency communication.

from bourdain

2.) “IF YOU’RE TWENTY-TWO, PHYSICALLY FIT, HUNGRY TO LEARN AND BE BETTER, I URGE YOU TO TRAVEL – AS FAR AND AS WIDELY AS POSSIBLE. SLEEP ON FLOORS IF YOU HAVE TO. FIND OUT HOW OTHER PEOPLE LIVE AND EAT AND COOK. LEARN FROM THEM – WHEREVER YOU GO.”  4.) "WHAT NICER THING CAN YOU DO FOR SOMEBODY THAN MAKE THEM BREAKFAST?"

insights

https://www.sdxcentral.com/articles/news/5-funding-insights-silicon-valley-venture-capitalist/2016/07/ huge transformations happening in networking,  cloud , and data centers and finding ways to solve new problems. “Whereas a company like JP Morgan has a much wider diversity of workloads. Each workload has its own needs. The enterprises of the world will have many problems that need to be solved.” And while traditional security is perimeter-driven, the growth of cloud gives rise to a whole new set of issues.

INT: Inband Network Telemetry.

http://p4.org/p4/inband-network-telemetry/ http://p4.org/wp-content/uploads/fixed/INT/INT-current-spec.pdf "The traditional methods for managing networks are almost exclusively based on a client/server or 'pull' model. A management device periodically polls the devices of interest for specific data, these requests are handled by the local control plane stack, and the data is collected and sent back. Generations of networks have proven the shortcomings of this model arising from the limitations of CPU-based control planes and an explosive increase in the number of network elements and ports (both virtual and physical) and link bandwidths. In the INT model, information from the data plane of the network is extracted and exported directly from the data plane – without the overhead or scale limitations of a control plane CPU. Moreover, the information that resides in the data plane is often ephemeral in nature: state on such things as queue depths, packet drops, and routing / ECM
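An added example of the push model described above, written for this page and not taken from the P4/INT spec or any vendor implementation: each transit switch appends its own record to the packet as it forwards it, and the INT sink strips the stack, restores the payload and computes per-hop latency, link latency and queue hot spots. The 16-byte record layout (switch id, ingress timestamp, egress timestamp, queue depth), the switch ids, timestamps and queue depths are all constructed for illustration and are not the spec's wire encoding; link latency between hops additionally assumes the switches' clocks are synchronised.

```python
import struct

# Constructed, simplified per-hop record: switch_id, ingress_ts_ns,
# egress_ts_ns, queue_depth. NOT the INT spec's wire encoding, only the
# same idea: each switch appends data-plane state to the packet in flight.
HOP_FMT = ">IIII"
HOP_LEN = struct.calcsize(HOP_FMT)


def new_packet(payload):
    """One-byte hop count, then the (initially empty) stack, then the payload."""
    return b"\x00" + payload


def push_hop(pkt, switch_id, ingress_ns, egress_ns, queue_depth):
    """What a transit switch does at line rate: bump the hop count and insert
    its own record, with no control-plane CPU in the path."""
    count = pkt[0]
    end = 1 + count * HOP_LEN
    record = struct.pack(HOP_FMT, switch_id, ingress_ns, egress_ns, queue_depth)
    return bytes([count + 1]) + pkt[1:end] + record + pkt[end:]


def sink(pkt):
    """The INT sink strips the stack and returns (hops, original payload)."""
    count = pkt[0]
    end = 1 + count * HOP_LEN
    if len(pkt) < end:
        raise ValueError("truncated INT stack")
    hops = [struct.unpack_from(HOP_FMT, pkt, 1 + i * HOP_LEN) for i in range(count)]
    return hops, pkt[end:]


def analyze(hops, queue_threshold):
    """Per-hop latency needs only one switch's clock; link latency between
    hops assumes the switches are time-synchronised (e.g. via PTP)."""
    if not hops:
        raise ValueError("no INT records")
    per_hop = []
    for i, (sw, ingress, egress, qdepth) in enumerate(hops):
        per_hop.append({
            "switch": sw,
            "hop_latency_ns": egress - ingress,
            "link_latency_ns": ingress - hops[i - 1][2] if i else None,
            "queue_depth": qdepth,
        })
    return {
        "per_hop": per_hop,
        "end_to_end_ns": hops[-1][2] - hops[0][1],
        "congested": [h["switch"] for h in per_hop if h["queue_depth"] >= queue_threshold],
    }


def demo():
    """Constructed three-hop path; switch 2 has a deep queue at the instant
    this packet passed, something a periodic poll would most likely miss."""
    pkt = new_packet(b"constructed payload")
    pkt = push_hop(pkt, 1, 1_000, 1_200, 3)
    pkt = push_hop(pkt, 2, 1_500, 4_500, 120)
    pkt = push_hop(pkt, 3, 4_800, 4_900, 2)
    hops, payload = sink(pkt)
    return analyze(hops, queue_threshold=100), payload


if __name__ == "__main__":
    report, payload = demo()
    print(payload, report)
```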

The end of the physical network engineer

http://www.sdnlab.com/17117.html "Talking earlier with network engineers in the US: their team used to be one team huddled around a pile of equipment. Now that team has been broken up, every member has become a specialist, and each goes out to the various business units to provide IT services. Seeing the application scenario from the business unit's side and relating it to the existing network scenario lets them pinpoint a problem very quickly; that is a very high-level service. Of course they can also write applications for the business itself to solve problems, which helps the business unit understand the network better. In the end they may well end up working in the same office; this is the network asserting its presence. Quite possibly, in the end, the network people understand the business better than the business people do, because they see the whole picture while the business sees only a part. This is actually a change many network people want to see, because it makes what they do more advanced. I do networking myself, and this is our aspiration as network people. When the SDN concept first appeared the goal was automated operations, but in practice we gradually concluded that this idea was wrong: the clever part is still the human, and we have to put the focus on people. Yunshan (云杉) says: technology creates value. But how to create value, and how to create the right value, is what we have to think about. I remember at ONS in 2012, Google gave a dazzling demonstration of the advantages of its SDN and of automation. An old Cisco network engineer asked what the rest of us were supposed to do afterwards, and Google loftily said that was not its concern; the room went silent. So the value of our technology has to connect with people and let people play a more important role. As for OpenFlow, we have mixed feelings; even now many people still don't endorse it. The value of OpenFlow is that it opened a door: it let us deploy applications quickly on x86 devices. It defined the finest-grained control you can have over a network, which is already a limit, and that way of thinking has changed how we think. From that angle, OpenFlow's mission is complete. Yunshan's DeepFlow can be described as the post-OpenFlow era; the most important thing is adding application information to the network information. A user's business information is contained in Application flow, while Net flow describes the basic network information. So Net flow + Application flow = DeepFlow, which basically covers all the information describing network traffic; that way network and application are naturally combined." It's time to virtualize the network. 2011. It's time to develop SDN applications. 2016.

Barefoot Networks - still a long way to go, but it is coming

https://www.sdxcentral.com/articles/news/barefoot-networks/2016/06/ http://www.marketwired.com/press-release/-2134161.htm By eliminating the tyranny of fixed-function switch chips, Barefoot's Tofino empowers software developers to program their network in much the same way they program a computer. Tofino provides the first programmable forwarding plane ,  "The basic fixed-function switch architecture was set in 1996 and has remained unchanged for twenty years," noted Nick McKeown, co-founder and chief scientist at Barefoot Networks. " Yet everything else in the data center changed. We went from monolithic software to VMs and then to containers and fully distributed applications. With the rise of the cloud, data center traffic patterns changed as did the role of the data center. How could a 1996 switching architecture be the right foundation for 2016's applications? In all other parts of the data center we have moved to programmability . Tofino enables t

Making networks "session aware" and "deterministic"

http://www.networkworld.com/article/3084466/network-management/128-technology-aims-to-fix-the-internet.html This has many limitations that the industry has built a bunch of workarounds for. That’s why we have load balancers, firewalls, network address translation, deep packet inspection, MPLS and several other technologies. Here is where the problem is: Whenever a network needs to be changed, sometimes one or maybe all of these need to be touched, and performance is often still degraded because the “shortest path” may not be the best path. Routers need to be more than packet-pushers 128 Technology is trying to make networks “session aware” and deterministic. What that means is routers can’t simply be packet pushers and take a packet in and forward it on to the next hop. Right now packets are sent off everywhere and then reassembled when they reach the destination. Any packets going down a bad path are marked as lost and then retransmitted. This can be hell on networks and can ca

Let's see

http://www.sdnlab.com/16849.html Carriers must slim down urgently: AT&T plans to cut 30% of its staff within 5 years. "We need to keep changing ourselves, and it never ends." He went further: anyone who does not spend at least 10 hours a week learning online will be left behind by technology. Hardy pointed out that AT&T will only hire employees who spend time learning and researching, which turns their 40-hour work week into 45-50 hours.

PCEP

On the WAN side I am still not optimistic about the OpenFlow+controller approach. Just the local BFD, fast-reroute and flexible-topology requirements alone, I really cannot see how that could change. Not every company is Google.

Shawshank Redemption Letter of Hope

Dear Red. If you’re reading this, you’ve gotten out. And if you’ve come this far, maybe you’re willing to come a little further. You remember the name of the town, don’t you? I could use a good man to help me get my project on wheels. I’ll keep an eye out for you and the chessboard ready. Remember, Red. Hope is a good thing, maybe the best of things, and no good thing ever dies. I will be hoping that this letter finds you, and finds you well. Your friend. Andy. Shawshank Redemption The Shawshank Redemption. Frank Darabont. Tim Robbins, Morgan Freeman. Castle Rock Entertainment, 1994.

Holy X! Poking the bear

http://pastebin.com/raw/0SNSvyjJ Hack Back! A DIY Guide

Still using hardware load balancers?

https://cloudplatform.googleblog.com/2016/04/introducing-the-new-Google-Cloud-Load-Balancing-UI.html https://www.usenix.org/sites/default/files/conference/protected-files/nsdi16_slides_eisenbud.pdf

Scary, and they see it so clearly

http://www.lightreading.com/data-center/cloud-strategies/huaweis-carrier-enterprise-sales-could-hit-$80b-by-2020/d/d-id/722537 "In the last ten years, it has been all IP. In the next ten years, it is going to be all cloud," he stated.  taking on the all-cloud transformation would mean another "mindset change."

Harshly put, but with some truth to it

http://www.theregister.co.uk/2016/04/12/hey_tech_industry_have_you_noticed_amazon_in_the_rearview/ "Dear IT vendors, I have a very serious question to ask you, both individually and as a group: do you all still want to be in business in 2020? If you answered yes then I must, in the politest possible fashion, also ask: what the fuck is wrong with you? Amazon is kicking your asses, individually and collectively, and none of you seem to be able to understand why. I have worked with CEOs and serfs, talked to top architects and technical marketers, sales engineers and VPs. With very few exceptions, none of you have managed to put down your crayons long enough to look at the page you're scribbling on and the result is an entire industry that hasn't the first clue about why the world around it has suddenly become strange and confusing."

Sadly, some still think reordering is just fine (and OK with TCP!)

http://blog.ipspace.net/2015/02/per-packet-load-balancing-on-wan-links.html http://blog.ipspace.net/2014/03/per-packet-load-balancing-interferes.html http://blog.ipspace.net/2010/12/multi-chassis-link-aggregation-mlag-and.html Had a conversation with a senior network engineer. Sadly, there are still people who think reordering is fine (and OK with TCP!). Please just listen to Ivan! BTW, Junos's "per-packet" load-balance keyword actually means per-flow. Also, please check Brocade: http://blog.ipspace.net/2011/04/brocade-vcs-fabric-has-almost-perfect.html
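An added simulation, written for this page and not taken from Ivan's posts, of what per-packet load balancing over two paths of unequal latency does to a TCP flow compared with per-flow hashing. Both paths are lossless; the 5-tuple, the send interval and the path delays are constructed. The receiver is a simplified RFC 5681 model: every segment that arrives above the cumulative ACK point is answered with a duplicate ACK, and three duplicate ACKs for the same point make the sender fast-retransmit. Every such retransmit here is spurious, because nothing was ever lost, which is exactly the "TCP handles it" fallacy.

```python
import zlib


def choose_path(policy, seq, flow, n_paths):
    """Per-packet spraying alternates paths for every segment; per-flow
    hashing pins the whole 5-tuple to one path (which is what Junos's
    confusingly named 'per-packet' load-balance keyword actually does)."""
    if policy == "per-packet":
        return seq % n_paths
    if policy == "per-flow":
        return zlib.crc32(repr(flow).encode()) % n_paths
    raise ValueError(policy)


def arrival_order(policy, flow, n_segments, send_interval_us, path_delay_us):
    """Send n_segments back to back and return sequence numbers in the order
    they reach the receiver. Paths are lossless; only their delay differs."""
    arrivals = []
    for seq in range(n_segments):
        path = choose_path(policy, seq, flow, len(path_delay_us))
        arrivals.append((seq * send_interval_us + path_delay_us[path], seq))
    arrivals.sort()                      # equal times keep send order
    return [seq for _, seq in arrivals]


def receiver_view(order):
    """Simplified TCP receiver: a segment above the cumulative ACK point is
    buffered and answered with a duplicate ACK; the third duplicate ACK for
    the same point triggers a fast retransmit at the sender. With lossless
    paths every fast retransmit is spurious: it resends data already in flight."""
    expected = 0
    received = set()
    dup_acks = 0
    dup_ack_run = {}
    spurious_fast_retransmits = 0
    for seq in order:
        received.add(seq)
        if seq == expected:
            while expected in received:  # cumulative ACK advances over buffered data
                expected += 1
        else:
            dup_acks += 1
            dup_ack_run[expected] = dup_ack_run.get(expected, 0) + 1
            if dup_ack_run[expected] == 3:
                spurious_fast_retransmits += 1
    return {
        "out_of_order": dup_acks,
        "spurious_fast_retransmits": spurious_fast_retransmits,
        "all_delivered": expected == len(order),
    }


def compare(flow, n_segments=20, send_interval_us=100, path_delay_us=(1000, 5000)):
    """Same flow, same paths, both policies side by side."""
    return {
        policy: receiver_view(arrival_order(policy, flow, n_segments,
                                            send_interval_us, path_delay_us))
        for policy in ("per-packet", "per-flow")
    }


FLOW = ("10.0.0.1", "10.0.0.2", 40000, 443, 6)   # constructed 5-tuple

if __name__ == "__main__":
    for policy, stats in compare(FLOW).items():
        print(policy, stats)
```

With a 4 ms delay difference and segments sent every 100 us, every other segment of the first ten arrives "early", so the receiver emits nine duplicate ACKs and the sender fast-retransmits once although every byte was delivered. Per-packet spraying only stays clean when the paths have identical latency, which the same code shows by setting both delays equal; on a real WAN that never holds.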

AWS really is an incredible company; does it really have to keep cannibalizing itself like this?

http://www.networkworld.com/article/3053111/cloud-computing/what-is-amazon-cloud-s-lambda-and-why-is-it-a-big-deal.html#tk.rss_all (use AWS Lambda to automatically process video files in S3) "And perhaps most interestingly, it could be a replacement for one of Amazon's core cloud services: Virtual machines." New term: serverless computing.