Ivan Pepelnjak
Author Archives: Ivan Pepelnjak
- Home → Author's archive:
Ivan Pepelnjak
DMVPN Split Default Routing
SD-WAN is all the rage these days (at least according to software-defined pundits), but networking engineers still build DMVPN networks, even though they are supposedly impossibly-hard-to-configure Rube Goldberg machinery.
To be honest, DMVPN is not the easiest technology Cisco ever developed, and there are plenty of gotchas, including the problem of default routing in Phase 2/3 DMVPN networks.
Read more ...Winston Churchill on IPv6
While researching for another blog post, I stumbled upon this speech by Winston Churchill:
When the situation was manageable it was neglected, and now that it is thoroughly out of hand we apply too late the remedies which then might have effected a cure. There is nothing new in the story. It is as old as the Sibylline Books. It falls into that long, dismal catalogue of the fruitlessness of experience and the confirmed unteachability of mankind. Want of foresight, unwillingness to act when action would be simple and effective, lack of clear thinking, confusion of counsel until the emergency comes, until self-preservation strikes its jarring gong -these are the features which constitute the endless repetition of history.
Obviously mr. Churchill wasn't talking about IPv6 but about way more serious matters… but it's also obvious he was right abut the unteachability of mankind.
Enterprise Content-over-IPv6 Deployment Scenarios
After ARIN ran out of IPv4 address space (in a totally uncontrolled “let’s party till it’s over” way) US enterprise IT shops (RFC 6919) OUGHT TO learn how to spell IPv6 (US service providers are already ahead of the pack).
You may also decide to ignore IPv6 indefinitely, but do keep in mind that consultants love panicking clients.
Read more ...Douglas Comer on the Future of Networking
Jim Small asked me what I thought about the Future of Networking Packet Pushers podcast with Douglas Comer. I decided to listen to it while driving toward one of my recent hikes, and it was a great decision– it was the best Packet Pushers podcast I listened to in a long while.
Read more ...Get ipSpace.net Subscription while Attending the Rome SDN/NFV Event
Reiss Romoli, the fantastic organizers of my SDN/NFV event in Rome, Italy in late October are offering you a free personal ipSpace.net subscription – a saving of $299 or approximately EUR 270.
All you have to do to qualify is (A) download and fill in the registration form, (B) send it to Reiss Romoli and (C) pay before attending the webinar.
Yeah, I know the PDF form says “fax it back” – everyone has to use the tools that work best in their environment.
Hope we'll meet in warm and sunny Rome in a few weeks!
Building Carrier-Grade Cloud Infrastructure
During my recent SDN workshop one of the attendees asked me “How do you build carrier-grade (5 nines) cloud infrastructure with VMware NSX?”
Short answer: You don’t… and it’s a wrong question anyway.
Read more ...Software-Defined IXP with Laurent Vanbever on Software Gone Wild
A while ago I started discussing the intricate technical details of fibbing (an ingenious way of implementing traffic engineering with traditional OSPF) with Laurent Vanbever and other members of his group, and we decided to record a podcast on this topic.
Things never go as planned in a live chat, and we finished talking about another one of his projects – software defined Internet exchange point (SDX), the topic of Episode 41 of Software Gone Wild.
Read more ...Designing Active-Active and Disaster Recovery Data Centers
A year ago I was a firm believer in the unlimited powers of Software-Defined Data Centers and their ability to simplify workload migrations. After all, if you can use an API to create any data center object, what’s stopping you from moving the workload running in a data center to another location.
As always, there’s a huge difference between theory and reality.
Read more ...What Happens When a Data Center Fabric Switch Fails?
I got into an interesting discussion with a fellow networking engineer trying to understand the impact of a switch failure in a L2/L3 data center fabric (anything from Avaya’s fabric or Brocade’s VCS Fabric to Cisco’s FabricPath, ACI or Juniper’s QFabric) on MAC and ARP tables.
Here’s my take on the problem – have I missed anything?
Read more ...Prepare for Job Interview with ipSpace.net Subscription
Did you know that many networking engineers use ipSpace.net webinars (and subscription) to prepare for the job interviews?
Here’s one of their success stories (name changed for obvious reasons):
Read more ...Response: Firefighters and Fire Marshals
In a recent blog post Tom Hollingsworth made a great point: we should refocus from fighting one fire at a time to preventing fires.
I completely agree with him. However…
Read more ...Learn SDN with Virtual Routers and Switches
Bryan would love to get hands-on SDN experience and sent me this question:
I was recently playing around with Arista vEOS to learn some Arista CLI as well as how it operates with an SDN controller. I was wondering if you know of other free products that are available to help people learn.
Let’s try to do another what-is-out-there survey.
Read more ...Cumulus Linux Base Technologies
Dinesh Dutt started his part of the Data Center Fabrics Update webinar with “what is Cumulus Linux all about” and “what data center architectures does it support” and then quickly jumped into details about the base technologies used by Cumulus Linux: MLAG and IP routing.
Not surprisingly, the MLAG part generated tons of questions, and Dinesh answered all of them, even when he had to say “we don’t do that”.
DHCP Details You Didn’t Know
If you’ve been a networking engineer (or a sysadmin) for a few years, you must be pretty familiar with DHCP and might think you know everything there is to know about this venerable protocol. So did I… until I read the article by Chris Marget in which he answers two interesting questions:
- How does the DHCP server (or relay) send DHCP offer to the client that doesn’t have an IP address (and doesn’t respond to ARP)?
- How does the DHCP client receive the DHCP responses if it doesn’t have an IP address?
VSAN: As Always, Latency Is the Real Killer
When I wrote my stretched VSAN post, I thought VSAN uses asynchronous replication across WAN. Duncan Epping quickly pointed out that it uses synchronous replication, and I fixed the blog post.
The “What about latency?” question immediately arose somewhere in my subconscious, but before I could add that thought to the blog post (because travel), Anders Henke wrote a lengthy comment that totally captured what I was thinking, so I’m including it in its entirety:
Read more ...Renewing ipSpace.net Subscription before It Expires
One of my subscribers asked me: “My subscription is valid till early December. How could I renew it now (due to budgetary reasons)?”
While I already had the process to do just that, there was no link that one could use (you had to know the correct URL). I’ve fixed that – you’ll find the renewal link on the first page of my.ipSpace.net
Response: SDN is eating vendors’ lunch
Another week, another story from the SDN land, this time The Register reporting on AT&T plans. Even though there are almost no details in the story, the headline boasts that “SDN is eating vendors’ lunch”, prompting SDN hopefuls on LinkedIn groups to claim that “the promise of SDN is fast coming to fruition.”
Not so fast.
Read more ...DLSP – QoS-Aware Routing Protocol on Software Gone Wild
When I asked “Are there any truly QoS-aware routing protocols out there?” in one of my SD-WAN posts, Marcelo Spohn from ADARA Networks quickly pointed out that they have one – Dynamic Link-State Routing Protocol.
He also claimed that DLSP has no scalability concerns – more than enough reasons to schedule an online chat, resulting in Episode 40 of Software Gone Wild. We didn’t go too deep this time, but you should get a nice overview of what DLSP is and how it works.
VMware VSAN Can Stretch – Should It?
Pirmin Sidler read the stretched VSAN blog posts by Duncan Epping (intro, HA/DRS considerations, demo) and asked me what I think about stretched VSAN considering my opinions on long-distance vMotion.
TL&DR answer: it makes way more sense than long-distance vMotion. However…
Read more ...Why It’s Hard to Deploy SDN-Like Functionality Today
Whenever I talk about the various definitions of SDN (ending with the “SDN provides an abstraction layer”), old-timers sitting quickly realize that the SDN products that you can deploy in real life aren’t that different from what we did in the past – an SDN controller is often just an overhyped glorified network services orchestration system.
OK, so why didn’t we have that same functionality for the last 20 years?
Read more ...