Ivan Pepelnjak

Author Archives: Ivan Pepelnjak

Software-Defined Security and VMware NSX Events

I’m presenting at two Data Center Interest Group Switzerland events organized by Gabi Gerber in Zurich in early June:

  • In the morning of June 7th we’ll talk about software-defined security, data center automation and open networking;
  • In the afternoon of the same day (so you can easily attend both events) we’ll talk about VMware NSX microsegmentation and real-life implementations.

I hope to see you in Zurich in a bit more than a month!

Response: Are Open-Source Controllers Ready for Carrier-Grade Services?

My beloved source of meaningless marketing messages led me to a blog post with a catchy headline: are open-source SDN controllers ready for carrier-grade services?

It turned out the whole thing was a simple marketing gig for Ixia testers, but supposedly “the response of the attendees of an SDN event was overwhelming”, which worries me… or makes me happy, because it’s easy to see plenty of fix-and-redesign work in the future.

Read more ...

Optimize Your Data Center: Virtualize Your Servers

A month ago I published the video where I described the idea that “two switches is all you need in a medium-sized data center”. Now let’s dig into the details: the first step you have to take to optimize your data center infrastructure is to virtualize all servers.

For even more details, watch the Designing Private Cloud Infrastructure webinar, or register for the Building Next-Generation Data Center course.

Scalability of OpenFlow Control Plane Network

This article was initially sent to my SDN mailing list. To register for SDN tips, updates, and special offers, click here.

I got an interesting question from one of my readers:

If every device talking to a centralized control plane uses an out-of-band channel to talk to the OpenFlow controller, isn’t this a scaling concern?

A year or so ago I would have said NO (arguing that the $0.02 CPU found in most networking devices is too slow to overload a controller or reasonably-fast control-plane network).

Read more ...

Some People Don’t Get It: It Will Eventually Fail

Mark Baker left this comment on my Stretched Firewalls across Layer-3 DCI blog post:

Strange how inter-DC clustering failure is considered a certainty in this blog.

Call it experience or exposure to a larger dataset. Anything you build will eventually fail; just because you haven’t experienced the failure yet doesn’t mean that the system will never fail but only that you were lucky so far.

Read more ...

First Guest Speaker in Building Next-Generation Data Center Course

When I started thinking about my first online course, I decided to create something special – it should be way more than me talking about cool new technologies and designs – and the guest speakers are a crucial part of that experience.

The first guest speaker is one of the gurus of network design and complexity, wrote numerous books on the topic, and recently worked on a hardware-independent network operating system.

Read more ...

More on Reading and Writing Books

Russ White wrote a great response to my “Do You Really Want to Write that Book?” blog post and I couldn’t agree more with what he wrote. Unfortunately, he seems to be a bit over-idealistic when analyzing why the market for high-end content is so small.

You know I usually have a cynical explanation handy, so here it is: too many people calling themselves engineers for no particular reason simply don’t care. It’s way easier to Google-and-paste your way around than to invest time in understanding the fundamentals.

Read more ...

Shortest Path Bridging (SPB) and Avaya Fabric on Software Gone Wild

A few months ago I met a number of great engineers from Avaya and they explained to me how they creatively use Shortest Path Bridging (SPB) to create layer-2, layer-3, L2VPN, L3VPN and even IP Multicast fabrics – it was clearly time for another deep dive into SPB.

It took me a while to meet again with Roger Lapuh, but finally we started exploring the intricacies of SPB, and even compared it to MPLS for engineers more familiar with MPLS/VPN. Interested? Listen to Episode 54 of Software Gone Wild.

Host-to-Network Multihoming Kludges

Continuing our routing-on-hosts discussions, Enno Rey (of the Troopers and IPv6 security fame) made another interesting remark “years ago we were so happy when we finally got rid of gated on Solaris” and I countered with “there are still people who fondly remember the days of running gated on Solaris” because it’s a nice solution to host-to-network multihoming problem.

Quoting RFC1925, “It’s easier to move a problem around than to solve it” and people have been extremely good at moving this particular problem around for decades.

Read more ...

New Experiment: Interactive Online Course

After I told you that I’m not going to Interop, I got numerous emails along the lines of “but I was really looking forward to attending your workshop” so I started looking for a solution that would combine the best of online and classroom worlds.

Here’s my first attempt: an interactive online course combining topics from two of my Interop workshops. I’m still working on the detailed agenda and plan to have it ready around May 1st. In the meantime, I’d really appreciate your feedback – leave a comment or send me an email.

Software-Based Switching Is not SDN

Russ White made an excellent remark while discussing the news that the CloudRouter pushed 650 Gbps through commodity hardware: “If this is software defined networking, then we’ve been doing this since sometime in the 1990’s, perhaps even earlier…

He’s absolutely right – the first routers (like AGS or IGS from Cisco) did all packet forwarding in software, so as I explained during the Introduction to SDN webinar while reaching dozens of gigabits with software-based packet forwarding is exciting, calling it SDN doesn’t make much sense.

High Availability Planning: Identify the Weakest Link

Everyone loves to talk about business critical applications that require extremely high availability, but it’s rare to see someone analyze the whole application stack and identify the weakest link.

For more details, watch my Designing Active/Active and Disaster Recovery Data Centers or attend one of my workshops.

If you start mapping out the major components of an application stack, you’ll probably arrive at this list (bottom-to-top):

Read more ...