This is a quick tip that you'll love.

By default, Wireshark's IO Graph depicts the packets per second rate of all traffic and "Bad TCP" traffic (we'll discuss that next week).

Did you know that any display filter that you prepare/apply is automatically added as another packets-per-second line on your IO Graph? By default, this new line is also marked active.

In the gif example, I'm looking for IP headers that contain an option field. The display filter is ip.hdr_len > 20. When I select Statistics > IO Graphs, I see a new graph line has been created based on that display filter.

Your new graph item will appear as "Filtered packets" directly below any other graph lines in place.

Once you've changed the IO graph, Wireshark saves your settings in the io_graphs file that is inside your profile directory.

Want to share a cool IO graph with someone else? Just send them your io_graphs file!

(Note: You can only have one io_graphs file in each profile directory.)

Cheers!

With the network no longer a commodity but a strategic partner in digital transformation, network operating systems (NOSs) have become indispensable. They play a foundational role in enabling the seamless operation, security, and efficiency of enterprise networks, enabling them to be more agile, adaptable, and capable of supporting new services, processes, and models.

However, a trending misconception in the realm of networking is the notion that all NOSs are essentially the same, offering similar features, performance, and capabilities. This myth stems from a fundamental misunderstanding of the diverse requirements of different network types and the specialized functionalities that various NOSs are designed to provide.

In this blog, we’ll explore why this perception is flawed.

Diverse Network Requirements

Networks vary significantly in scale, complexity, and purpose. As a result, the choice of a NOS depends on various factors, including the network architecture (peer-to-peer versus client-server), the scale of the network, and specific requirements such as security, resource management, and user administration.

For example, a data center network, designed to manage high volumes of traffic and ensure reliable data storage and access, has vastly different requirements from a small office network, which may prioritize ease of use and minimal setup. Similarly, core networks, which form the backbone of the internet, demand high performance and robustness, in contrast with edge networks that require low latency and are often tailored for specific IoT applications.

Moreover, different NOSs offer varying levels of customization and scalability, catering to organizations’ specific needs. For example, some use cases, such as peering, require a NOS to support the full internet routing table (also known as the full border gateway protocol, or BGP, table) of over 1 million entries—including rapidly relearning the table and rerouting traffic in the event of a link or node failure—to ensure comprehensive connectivity and optimal routing decisions across the global internet based on various metrics such as the shortest path, least number of autonomous system (AS) hops, or other policy-based decisions. This can lead to improved performance and lower latency for end users but isn’t essential for a data center network with only a few segments.

Another factor is the need for the NOS to support different services based on the use case. Fixed edge networks must be able to support multiple services, such as quality of service (QoS) for maintaining the performance of latency-sensitive applications such as VoIP, video conferencing, and streaming services, internet protocol television (IPTV) for multicast streaming of high-quality video content with minimal latency, and carrier-grade network address translation (CGNAT) for ISPs to optimize existing IPv4 infrastructure and delay the investment required for IPv6 deployment. While QoS and IPTV need to be carried through to the aggregation network, CGNAT only needs to be done once at the edge, affecting the choice of NOS for each use case.

Features and Optimizations Vary by Type of Network

To meet these varied requirements, each NOS is developed with specific features and optimizations. For example, a NOS designed for data center operations might focus on virtualization capabilities and high-speed data processing, while a NOS for edge computing would prioritize low-latency data processing and lightweight deployment.

Data Center Networks

• Function: Data center networks are designed to house and provide connectivity for servers and storage systems that host applications and data.
• NOS features: NOSs for data centers are optimized for high-density server environments, virtualization, and storage networking. They often include features for data center bridging, overlay networks, and support for software-defined networking (SDN).

Core Networks

• Function: Core networks serve as the high-capacity backbone for data transmission across different regions or between different network layers.
• NOS features: Core network NOSs are designed for high throughput and reliability, with advanced routing protocols, high-speed packet forwarding, and support for large-scale network topologies.

Aggregation Networks

• Function: Aggregation networks collect traffic from access networks before it is sent to the core network, managing traffic from multiple sources.
• NOS features: NOSs for aggregation networks typically include capabilities for traffic management, QoS, and support for medium to high data throughput.

Peering Networks

• Function: Peering networks facilitate the exchange of traffic between different ISPs or large networks, often to reduce transit costs and improve performance.
• NOS features: NOSs in peering networks often have features for BGP routing, traffic filtering, and security controls to manage the exchange of routes and data with other networks.

Access Networks

• Function: Access networks connect end-user devices to the network, serving as the entry point for users to access network services.
• NOS features: Access network NOSs are designed for managing a large number of end-user connections, providing features like DHCP, DNS, and user authentication.

Fixed-Edge Networks

• Function: Fixed-edge networks are designed to deliver content and services with minimal latency by being closer to the end users.
• NOS features: Fixed-edge network NOSs may include features for local data processing, IoT support, and integration with edge computing platforms optimized for low latency.

Mobile-Edge Networks

• Function: Mobile-edge networks are part of the mobile telecommunications infrastructure, designed to bring computing resources closer to mobile users and devices.
• NOS features: Mobile-edge NOSs are optimized for the mobile environment, supporting features like mobile backhaul, real-time analytics, and seamless integration with mobile network functions.

Cloud Networks

• Function: Cloud networks provide scalable and flexible networking capabilities for cloud services, supporting a wide range of applications and services.
• NOS features: Cloud network NOSs are built for virtualized environments, offering features that support multitenancy, cloud orchestration, and dynamic resource allocation.

Tailored NOS Features

Since each type of network has distinct requirements and challenges, the NOS deployed must be specifically tailored to meet those needs. For example, a data center NOS must handle the high-density and virtualization demands of modern data centers, while a core network NOS focuses on high-speed, reliable data transport. Aggregation and peering network NOSs manage traffic flows and routing exchanges, respectively. Access network NOSs ensure connectivity for end users, and edge network NOSs (both fixed and mobile) are optimized for delivering services with low latency. Cloud network NOSs are designed to operate in virtualized cloud environments, providing the flexibility and scalability required for cloud services.

Security needs and compliance requirements can also dictate the choice of NOS. Certain environments may require specialized security features or compliance with specific standards, influencing the selection of a NOS that can adequately meet these demands. In addition, open source NOSs allow users to modify and adapt the software to unique requirements, which is particularly beneficial for specialized or evolving network environments.

Choosing the Right NOS for Your Business

The misbelief that all NOS are created equal overlooks the nuanced and diverse landscape of network technologies and requirements. Understanding the specific features, capabilities, and optimizations of different NOSs is crucial for selecting the right system to support an organization’s unique network infrastructure and objectives.

GigaOm has just released the 2024 NOS Radar reports across three market segments—mobile network operators and network service providers (MNOs and NSPs), communication service providers and managed service providers (CSPs and MSPs), and large enterprises and small-to-medium businesses (SMBs)—based on technical features and business criteria tailored to each market segment. While many of the solutions appear on each Radar, choosing the right NOS for the network is not as simple as picking one of the Leaders or Challengers. Just because one NOS is positioned as a Leader doesn’t necessarily mean that it’s right for you. Even adjacent NOSs may focus on entirely different networks.

By debunking the myth that all NOSs are created equal, organizations can make informed decisions that enhance their network’s performance, security, and efficiency.

Next Steps

To learn more, take a look at GigaOm’s NOS Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating Network Operating Systems
• GigaOm Radar for Network Operating Systems: MNOs and NSPs
• GigaOm Radar for Network Operating Systems: CSPs and MSPs
• GigaOm Radar for Network Operating Systems: Large Enterprises and SMBs

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post Debunking Myths: All Network Operating Systems are NOT Created Equal appeared first on Gigaom.

Over seven years ago, I had the opportunity to cowrite what would be the first book on network automation. It was an amazing experience getting to share and do what was needed to move the industry forward. The book no doubt has helped many organizations on their network automation journey and many individuals in their career progression. It is still humbling to see by the day. For those tracking, the second edition of Network Programmability & Automation was released last year too!

Fast forward to today: I am humbled and pleased to announce another book! In partnership with Glenn Matthews, Josh VanDeraa, Ken Celenza, John Anderson, Brad Haas, Christian Adell, Bryan Culver, Gary Snider and technical reviewers Tim Fiola, Cristian Sirbu, and Eric Chou, we and everyone at NTC are delighted to announce Network Automation with Nautobot: Adopt a network source of truth and a data-driven approach to networking.

With the advent of artificial intelligence, there is nothing more important than for enterprises to have quality data that can be trusted and acted upon to drive automation and future generative AI applications. Nautobot is the open source data platform for networking. Full stop.

Three years ago, we forked NetBox and launched the Nautobot project because we saw the gap in the market. There was no platform or company that saw the relationship between data and automation—and treated both as first-class citizens. And now, over the last three years, we’ve deployed Nautobot at some of the world’s largest organizations across verticals, from enterprise financials and higher education institutions to high-growth tech companies and government entities. And we’ve done it together with a welcoming community, transparent and in the open, while creating over two dozen Nautobot Apps (all open source, by the way). We even launched Nautobot Cloud for those organizations that don’t want to deal with the hassle of managing applications and want the elasticity of cloud.

We’ve seen firsthand what works and doesn’t work and where people spend time learning. While Nautobot is an open source project and docs are publicly available, we knew we needed to share even more about how Nautobot can be used as a Network Source of Truth and automation platform to transform those teams that have been stuck doing network management the way they’ve done it for years.

In the book, you’ll learn how to deploy, manage, and integrate Nautobot as a Source of Truth and network automation platform by better understanding the relationship between data and automation. By the end, you’ll be able to design and manage Nautobot deployments, understand its key features, and extend them by creating custom data models and apps that suit your network and your team.

The book is broken down into 4 major parts with 16 chapters and 3 more appendixes.

• Part One: Introduction to Source of Truth and Nautobot
• Part Two: Getting Started with Nautobot
• Part Three: Network Automation with Nautobot
• Part Four: Nautobot Apps
• Appendix 1: Nautobot Architecture Deep Dive
• Appendix 2: Integrating Distributed Data Sources of Truth with Nautobot
• Appendix 3: Performing Config Compliance & Remediation with Nautobot

We want as many teams as possible to have the knowledge and skills necessary to build a strong foundation for a network automation stack.

The book takes you on the Nautobot journey, starting with understanding the problems around network automation, data, and Source of Truth. It then reviews navigating the UI and its extensibility features. From there, we dive into all of the automation goodness, looking at its APIs, Ansible collection, pynautobot, and later looking at network automation architectures powered by Nautobot. Finally, we have several chapters dedicated to developing Nautobot Apps. From there, we have great reading in the appendixes, diving into the Nautobot architecture and then into two of the most popular Nautobot Apps: Single Source of Truth (SSoT) and Golden Config (which performs configuration compliance and remediation).

One of the book’s main points is that non-technical skills, such as an understanding of the value of data, are crucial when deploying network automation. But the right technical skills are important too. We wrote the book under the assumption that readers would have some background knowledge about network automation, such as familiarity with using Python or Ansible, plus knowledge of networking. As long as you have one to three years of networking experience and six to twelve months of using Python or Ansible, you’ll be sure to get value from the book on your network automation journey.

The book will be published by Packt, and we are targeting a May ship date. You can find it on Packtpub and Amazon.

Thank you to everyone who has helped make Nautobot a success over the last few years. The ecosystem around Nautobot continues to grow by the day and we have even more in store from here on out! Onward and upward.

Happy automating,

–Jason

The Internet has a plethora of moving parts: routers, switches, hubs, terrestrial and submarine cables, and connectors on the hardware side, and complex protocol stacks and configurations on the software side. When something goes wrong that slows or disrupts the Internet in a way that affects your customers, you want to be able to localize and understand the issue as quickly as possible.

New Map
The new Amazon CloudWatch Internet Weather Map is here to help! Built atop of collection of global monitors operated by AWS, you get a broad, global view of Internet weather, with the ability to zoom in and understand performance and availability issues that affect a particular city. To access the map, open the CloudWatch Console, expand Network monitoring on the left, and click Internet Monitor. The map appears and displays weather for the entire world:

The red and yellow circles indicate current, active issues that affect availability or performance, respectively. The grey circles represent issues that have been resolved within the last 24 hours, and the blue diamonds represent AWS regions. The map will automatically refresh every 15 minutes if you leave it on the screen.

Each issue affects a specific city-network, representing a combination of a location where clients access AWS resources, and the Autonomous System Number (ASN) that was used to access the resources. ASNs typically represent individual Internet Service Providers (ISPs).

The list to the right of the map shows active events at the top, followed by events that have been resolved in the recent past, looking back up to 24 hours:

I can hover my mouse over any of the indicators to see the list of city-networks in the geographic area:

If I zoom in a step or two, I can see that those city-networks are spread out over the United States:

I can zoom in even further and see a single city-network:

This information is also available programmatically. The new ListInternetEvents function returns up to 100 performance or availability events per call, with optional filtering by time range, status (ACTIVE or RESOLVED), or type (PERFORMANCE or AVAILABILITY). Each event includes full details including latitude and longitude.

The new map is accessible from all AWS regions and there is no charge to use it. Going forward, we have a lot of powerful additions on the roadmap, subject to prioritization based on your feedback. Right now we are thinking about:

1. Displaying causes of certain types of outages such as DDoS attacks, BGP route leaks, and issues with route interconnects.
2. Adding a view that is specific to a chosen ISP.
3. Displaying the impact to public SaaS applications.

Please feel free to send feedback on this feature to internet-monitor@amazon.com .

CloudWatch Internet Monitor
The information in the map applies to everyone who makes use of applications built on AWS. If you want to understand how internet weather affects your particular AWS applications and to take advantage of other features such as health event notification and traffic insights, you can make use of CloudWatch Internet Monitor. As my colleague Sébastien wrote when he launched this feature in late 2022:

You told us one of your challenges when monitoring internet-facing applications is to gather data outside of AWS to build a realistic picture of how your application behaves for your customers connected to multiple and geographically distant internet providers. Capturing and monitoring data about internet traffic before it reaches your infrastructure is either difficult or very expensive.

After you review the map, you can click Create monitor to get started with CloudWatch Internet Monitor:

After that you enter a name for your monitor, choose the AWS resources (VPCs, CloudFront distributions, Network Load Balancers, and Amazon WorkSpace Directories) to monitor, then select the desired percentage of internet-facing traffic to monitor. The monitor will begin to operate within minutes, using entries from your VPC Flow Logs, CloudFront Access Logs, and other telemetry to identify the most relevant city-networks.

Here are some resources to help you learn more about this feature:

• • Amazon CloudWatch Internet Monitor Preview – End-to-End Visibility into Internet Performance for your Applications
  • Introducing Amazon CloudWatch Internet Monitor
  • Easily set up Amazon CloudWatch Internet Monitor
  • Using Amazon CloudWatch Internet Monitor for enhanced internet observability
  • Use Amazon CloudWatch Internet Monitor for greater visibility into online experiences
  • Documentation: Using Amazon CloudWatch Internet Monitor
  • Video: Amazon CloudWatch Internet Monitor
  • More questions or comments, contact: internet-monitor@amazon.com

— Jeff;