SSL PERFORMANCE

In a recent discussion with fellow network engineers about encryption in a DC network, I made an observation that in some cases it might be better to simply enforce end-to-end encryption directly between applications rather than in the underlying infrastructure (MACsec, IPSEC etc.).

Looking at MACsec for example, as crypto is done by the ASIC, the general opinion was that ...

read more>

AUTOMATION, ONE STEP AT A TIME (1)

Not long ago I did a short demo at the sixth iNOG meeting, which saw around one hundred netengs get together at Facebook's Dublin HQ for an amazing evening. The point of the demo was to show people to how easy it is to write a bit of code to quickly generate device configuration from a template.

read more>