Ivan Pepelnjak

Author Archives: Ivan Pepelnjak

Software-Defined Security and VMware NSX Events

I’m presenting at two Data Center Interest Group Switzerland events organized by Gabi Gerber in Zurich in early June:

  • In the morning of June 7th we’ll talk about software-defined security, data center automation and open networking;
  • In the afternoon of the same day (so you can easily attend both events) we’ll talk about VMware NSX microsegmentation and real-life implementations.

I hope to see you in Zurich in a bit more than a month!

Response: Are Open-Source Controllers Ready for Carrier-Grade Services?

My beloved source of meaningless marketing messages led me to a blog post with a catchy headline: are open-source SDN controllers ready for carrier-grade services?

It turned out the whole thing was a simple marketing gig for Ixia testers, but supposedly “the response of the attendees of an SDN event was overwhelming”, which worries me… or makes me happy, because it’s easy to see plenty of fix-and-redesign work in the future.


Optimize Your Data Center: Virtualize Your Servers

A month ago I published the video where I described the idea that “two switches is all you need in a medium-sized data center”. Now let’s dig into the details: the first step you have to take to optimize your data center infrastructure is to virtualize all servers.

For even more details, watch the Designing Private Cloud Infrastructure webinar, or register for the Building Next-Generation Data Center course.

Scalability of OpenFlow Control Plane Network

This article was initially sent to my SDN mailing list.

I got an interesting question from one of my readers:

If every device talking to a centralized control plane uses an out-of-band channel to talk to the OpenFlow controller, isn’t this a scaling concern?

A year or so ago I would have said NO (arguing that the $0.02 CPU found in most networking devices is too slow to overload a controller or reasonably-fast control-plane network).


Some People Don’t Get It: It Will Eventually Fail

Mark Baker left this comment on my Stretched Firewalls across Layer-3 DCI blog post:

Strange how inter-DC clustering failure is considered a certainty in this blog.

Call it experience or exposure to a larger dataset. Anything you build will eventually fail; just because you haven’t experienced the failure yet doesn’t mean that the system will never fail but only that you were lucky so far.


First Guest Speaker in Building Next-Generation Data Center Course

When I started thinking about my first online course, I decided to create something special – it should be way more than me talking about cool new technologies and designs – and the guest speakers are a crucial part of that experience.

The first guest speaker is one of the gurus of network design and complexity, has written numerous books on the topic, and recently worked on a hardware-independent network operating system.


More on Reading and Writing Books

Russ White wrote a great response to my “Do You Really Want to Write that Book?” blog post and I couldn’t agree more with what he wrote. Unfortunately, he seems to be a bit over-idealistic when analyzing why the market for high-end content is so small.

You know I usually have a cynical explanation handy, so here it is: too many people calling themselves engineers for no particular reason simply don’t care. It’s way easier to Google-and-paste your way around than to invest time in understanding the fundamentals.


Shortest Path Bridging (SPB) and Avaya Fabric on Software Gone Wild

A few months ago I met a number of great engineers from Avaya and they explained to me how they creatively use Shortest Path Bridging (SPB) to create layer-2, layer-3, L2VPN, L3VPN and even IP Multicast fabrics – it was clearly time for another deep dive into SPB.

It took me a while to meet again with Roger Lapuh, but finally we started exploring the intricacies of SPB, and even compared it to MPLS for engineers more familiar with MPLS/VPN. Interested? Listen to Episode 54 of Software Gone Wild.

Host-to-Network Multihoming Kludges

Continuing our routing-on-hosts discussions, Enno Rey (of the Troopers and IPv6 security fame) made another interesting remark: “years ago we were so happy when we finally got rid of gated on Solaris”. I countered with “there are still people who fondly remember the days of running gated on Solaris” because it’s a nice solution to the host-to-network multihoming problem.

Quoting RFC1925, “It’s easier to move a problem around than to solve it” and people have been extremely good at moving this particular problem around for decades.
