Route server exposure at IXPs leaves peering LANs vulnerable to routing leaks and real-world DDoS attacks. In this article, we talk about how and why it matters.| RIPE Labs
We map where networks actually publish routing data - across RIR-run and third-party IRRs - and how that data is used in practice. Connecting our findings with RPKI growth and exploring regional patterns, we examine legacy space and operational risks to suggest clear clean-up priorities.| RIPE Labs
After a good while without posting anything, I finally decided to slowly recommence again. This first post is about a little BGP trick that may help you increase the scale of Azure Route Server. Typically the maximum number of 8 BGP peers should be enough for most designs, but if you happen to need to … Continue reading Going beyond 8 peers in Azure Route Server| Cloudtrooper
Autocast turns one round of unicast latency measurements into millisecond-accurate predictions, automatically selecting the optimal anycast locations for fast .nl response times worldwide. Pairing simulated annealing with real resolver telemetry, it delivers lean, cost-aware PoP sets - often around 11–13 sites - that rival painstaking manual tuning without a single trial BGP announcement. Read on to learn more!| RIPE Labs
Have you heard about MRT dumps, but never tried to use them because the bar seems too high? Or are you tired of doing “parse -> grep -> process” every time you touch BGP MRT dumps? This hands-on guide shows how to load RIS/RouteViews data into ClickHouse - covering tools, schema, and example querie…| RIPE Labs
As returning readers of this blog would be aware - I found a trick to find Facebook caching servers around the world during the APRICOT 2018 hackathon. Since then I am running my code again every year to see the changes and publish this report. Previous reports March 2018 here Nov 2019 here April 2021 here Facebook knows! Back in 2019, I was in San Francisco, California for NANOG 75. While roaming around in the lobby, someone read the NANOG card hanging around my neck and greeted me. His 2nd ...| Personal blog of Anurag Bhatia
Hello, Community! Customers and holders of contributor subscriptions can now download VyOS 1.4.3 release images and the corresponding source tarball. This release includes fixes for CVE-2024-3596 (BlastRADIUS) — a vulnerability in the RADIUS PAM module that made it possible (even if not easy) for an attacker capable of active MitM to forge a server response and log in to a vulnerable system without valid credentials. It also fixes over seventy bugs and adds a few new features. Those featur...| VyOS - Blog
Bridge firewall improvements, ongoing configuration system rework, and many bug fixes. #vyos #project #update| blog.vyos.io
BGP is the de facto routing protocol for inter-domain routing, or in other words, the global internet. It’s used to exchange routing information among autonomous systems around the entire world. Therefore, it’s extremely important we do what we can to secure BGP communications, what we advertise, and the methods we use to create peering relationships.... Continue Reading →| {networkphil}
Over forty bug fixes, faster BGP convergence, safer upgrades, BRAS improvements, and more! #vyos #release| blog.vyos.io
Hello, Community! It's spring in the northern hemisphere, and here's the March update. A lot of our effort is currently going into the development of the accelerated dataplane based on VPP: We added a prototype of IPsec, and we are actively working on support for NAT. But there are many other updates, including a fix for a vulnerability in service console-server, support for loading firewall groups from a URL, an option to set a custom container registry, and more. Read on for details!| VyOS - Blog
These are notes taken during and after the 38C3 conference in Hambourg. Notes might be a bit sketchy at times I went to this session because I don't know anything about BGP and how it works. It was a bit hard to follow, but I got some knowledge out of …| (not) my ideas
Hello, Community! While VyOS 1.4/Sagitta has taken its final shape, and we are working to smoothen any remaining sharp edges (especially in migration scripts), the upcoming 1.5/Circinus branch is the new frontier where we can go wild and experiment freely. Safe features from the current branch are still backported to 1.4/Sagitta. Still, we already have non-back portable features — such as improvements to the new DHCP server implementation based on Kea rather than the now-obsolete ISC DHCP s...| VyOS - Blog
数据中心的网络和家用网络有很大不同,家用网络一个小路由器就够了,挂了的话,就忍受一下没有网络的时间,然后去网上下单再买一个换上。数据中心可不行,所有的东西都要设计成高可用的。| www.kawabangga.com
To make you more familiar with the concepts of network routing and to get acquainted with the reputable vendors of network routers, we have prepared a number of blogs as a series, the different parts of which are as follows: Part 1 - What is a Network Router? Routing Terms (Such as Routing Protocols, and [...] The post Network Routing: Part 1 – What is a Network Router? Routing Terms (Such as Routing Protocols, and Types of Routers) appeared first on ITperfection - Network Security.| ITperfection – Network Security
This post is part of our MANRS Basics series intended for non-experts interested in learning more about routing security.| MANRS
U.S. agencies want to secure the Border Gateway Protocol, but experts question whether their approach could worsen security.| CyberScoop
By Henry Birge-Lee, Grace Cimaszewski, Liang Wang, Cyrill Krähenbühl, Kerstin Fagerstrom, and Prateek Mittal Today we are announcing the development of a| Freedom to Tinker
Designing network connectivity in public cloud can very quickly become a daunting task. Of course, public cloud providers do offer native networking services, and with those it is fairly easy. This…| Cloudtrooper
Last month, Amazon lost control of its cloud-based IP address pool for more than three hours, which allowed cyber criminals to steal $235,000 from users of one of AWS’s customers. Using BGP hijacking, hackers gained control over a pool of 256 IP addresses. Briefly describing the BGP protocol, it is a backbone – the basis ...| research.securitum.com
