Internets of Interest for 15th March 2013


Collection of useful, relevant or just fun places on the Internets for 15th March 2013 and a bit of commentary about what I’ve found interesting about them:

VMware NSX Network Virtualization | The Console Blog – VMware Blogs – VMware rushes out their announcement of controller networking based on Nicira. Takes cheap shots at network engineers everywhere. Not a good way to bring all the networkers into your yard...

Meanwhile, through all of the advances in server virtualization and cloud computing, networking has remained stuck in the past. Still today, provisioning network and security for an application is a manual effort; requiring a human, keyboard, and CLI. Each manual configuration must be carefully engineered across numerous devices, resulting in time consuming and error prone deployments. And coupling the network’s capabilities to hardware limits choice, creates choke points, and restricts workload placement – creating an unnecessary drag on the overall efficiency of everything in the infrastructure (servers and storage) attached to the traditional networking paradigms conceived in the 20th century.

Uptime Is Not Something To Be Revered — The Lone Sysadmin – I agree with Bob. A computer that’s been running for 10 years is a risk. Today, internal networks are as insecure as Internet-facing ones. There isn’t anywhere that would be safe.

To me, security is the biggest problem here, because patching is a big part of defense-in-depth. Firewalls are neat but you have to punch holes in the firewall to let people use applications, right? If an application running on a host like this gets compromised it may be very easy for the attacker to compromise the rest of the system by exploiting 10+ years of kernel vulnerabilities. Game over.

OS X Mountain Lion Update v10.8.3 (Combo) – Well, thank the gods of the multiverse. How long did I have to wait for this feature in OS X:

The ability to redeem iTunes gift cards in the Mac App Store using your Mac’s built-in camera

Attention, CIOs: Stop outsourcing or YOU will never retire • The Register – Very good article about the hidden impacts of outsourcing that undermine the long-term resources available to your, and everyone else’s, company:

“Employers are absolutely part of the problem,” said Harris. “We’ve outsourced too much. Outsourcing became an end in itself.”

Cutting back on jobs may have netted short-term savings, which, of course, boost the bonus of the CIO and CFO who waved such strategies through. But another result is now a dearth of youngsters with three to five years of experience, and, arguably, of mid-level IT pros.

It’s hard to find young people working in Infrastructure, or even IT.

Brisbane’s bucketing makes it ‘hard to get hold of the scrotums’ – Sometimes, my home town makes me laugh. Not everything is on the Internet.

When kangaroo scrotums were in abundance, Mr Kreuger stocked up. He said he had about 50,000 frozen in storage though demand is continuing to grow for his products.

VMware® Network Virtualization Design Guide – VMware Networking leaves a lot of room for improvement but this is required reading for virtualization networking.

The IT industry has gained significant efficiency and flexibility as a direct result of virtualization. Organizations are moving toward a virtual datacenter (VDC) model, and flexibility, speed, scale and automation are central to their success. Although compute and memory resources are pooled and automated, networks and network services, such as security, have not kept pace. Traditional network and security operations not only reduce efficiency but also limit the ability of businesses to rapidly deploy, scale and protect applications. VMware vCloud® Networking and Security™ offers a network virtualization solution to overcome these challenges. This paper describes various components of the network virtualization solution and explains one of the key technologies – VXLAN. It also provides design considerations that will help virtualization and network architects deploy this solution successfully in their environment.

Clouds of Change: The Changing Feel of VMware PEX – It’s quite a difficult thing to explain a Cloud system to someone who understands virtualization. At least, that has been my experience. Many people who have worked hard to understand the virtualization transition are reluctant to change again.

Is it even possible to have change fatigue in IT Infrastructure?

Martin Topholm: DDoS experiences with Linux and Netfilter » To Linux and beyond ! – using SYN cookies in Linux NetFilter firewalls is slow & effectively pointless

SYN cookie was implemented but the performance was too low, with performance below 300kpps, which is not what was expected. In fact SYN is on a slow path with a single spin lock protecting the SYN backtrack queue. So the system behaves like a single core system relative to SYN attacks.

Stack Exchange’s Colocation Move: 8 Lessons Learned – Server Fault Blog – 35 servers isn’t much but some good tips about moving data centres.

Moving about 35 servers, something like 2000 pounds of computer hardware 50 blocks, doesn’t seem like that big of a thing. However, in our geek microcosm moving to a new colocation facility was a year long adventure with lessons learned, arguments, designs and redesigns, a hurricane, and many weekends of preparation that somehow resulted in a setup that we are all very proud of. We always want to share our experiences, so this post has some of the lessons we learned, and in the next post we will have all the technical detail of our new facility.

Browser Security Case Study: Appearances Can Be Deceiving – ACM Queue – Good discussion on browser security – best pull quote:

Then I guess the other thing is: don’t ever try to roll your own crypto.