Hedge 195: DDoS Inflection with Barry Greene

21 September 2023

DDoS attacks still play a major role in the global Internet, costing organizations tens (or hundreds) or millions of dollars each year. What are the current and future trends in DDoS attacks? Barry Greene, a global expert in DDoS mitigation, joins Russ White and Tom Ammon to discuss the future of DDoS.

Simple or Complex?

19 September 2023

A few weeks ago, Daniel posted a piece about using different underlay and overlay protocols in a data center fabric. He says:

There is nothing wrong with running BGP in the overlay but I oppose to the argument of it being simpler.

One of the major problems we often face in network engineering—and engineering more broadly—is confusing that which is simple with that which has lower complexity. Simpler things are not always less complex. Let me give you a few examples, all of which are going to be controversial.

On the ‘net: Network Models at Packet Pushers

17 September 2023

I’ve just started a new series on network models over at Packet Pushers. The first two installments are here:

I learned the Open Systems Interconnect (OSI) model way back in the mid-1980s, as a part of my basic networking education. Ever since then, I’ve used the OSI model in my day-to-day work as a network engineer.

First, models are not sacrosanct. A model is just a tool. If the model you are using is not working for you, feel free to modify it.

On the ‘Net: The IETF at Packet Pushers

17 September 2023

I’ve been writing a series about working within the IETF to publish a new standard over at Packet Pushers. The most recent installments are:

There are other seemingly mystical concepts in the IETF process as well—for instance, what is a “document stream,” and what is a document’s “status?”

You’re almost ready to submit a shiny new document to the IETF for consideration, right? Not quite yet—we still need to deal with mandatory sections and language.

Schedule 0923

17 September 2023

Here’s a preview of what I’m working on for those who are interested.

Weekend Reads 091523

15 September 2023


The average total cost of a data breach has reached an all-time high in 2023 of $4.45 million. This is an increase of 2.3% from last year’s $4.35 million.


Originally created as a secure sandbox to run compiled C/C++ code in web browsers, WebAssembly (Wasm) has been gaining traction and momentum on the server-side.


Specifically, the web giant’s Privacy Sandbox APIs, a set of ad delivery and analysis technologies, now function in the latest version of the Chrome browser. Website developers can thus write code that calls those APIs to deliver and measure ads to visitors with compatible browsers.

Upcoming Training: How Routers Really Work

14 September 2023

Have you ever wondered exactly how a router moves a packet from input to output interface? Or what the difference between is between a router’s and host’s operating system? Or why forwarding engines are built in classes, and one forwarding engine cannot “do it all?” Join me on the 22nd at 1pm ET for How Routers Really Work, a three-hour tour through router guts. I’ve replaced about 10% of the slides since the last time I taught this course.

If you register, you can watch the recording at a later date.

Register here.

Hedge 194: Network Automation with the Network Automation Forum

7 September 2023

Year after year network engineering media, vendors, and influencers talk about the importance of network automation—and yet according to surveys, most network operators still have not automated their network operations. In this episode of the Hedge, part 2 of 2, Chris Grundemann and Scott Robohn join the Hedge to give their ideas on why network automation isn’t happening, and how we can resolve the many blockers to automation.

Weekend Reads 090123

1 September 2023


However, unlike most of the world, which is taking a flexible, adaptive Zero Trust Model approach of continuous controls for cyberdefense, the EU government is pursuing a vastly expanded version of the failed Common Criteria certification model coupled with regulatory extremism and exceptionalism strategies.


Enabled by SD-WAN, internet-first networking strategies are now the order of the day for wide-area connectivity and have been for some time.

Hedge 193: Network Automation with the Network Automation Forum

1 September 2023

Year after year network engineering media, vendors, and influencers talk about the importance of network automaion—and yet according to surveys, most network operators still have not automated their network operations. In this episode of the Hedge, part 1 of 2, Chris Grundemann and Scott Robohn join the Hedge to give their ideas on why network automation isn’t happening, and how we can resolve the many blockers to automation.