New Webinar: QoS Fundamentals (and Other Events)

I listened to Ethan Banks’ presentation on lessons learned running active-active data centers years ago at Interop, and liked it so much that I asked him to talk about the same topic during the Building Next-Generation Data Center course.

Not surprisingly, Ethan did a stellar job, and when I heard he was working on QoS part of an upcoming book asked him whether he’d be willing to do a webinar on QoS.

Worth Reading: Things Network Engineers Hate

Some of the things Ethan Banks writes are epic. The latest one I stumbled upon: Things Network Engineers Hate. I particularly loved the rant against long-distance vMotion (no surprise there ;).

[Video] Building a Pure Layer-3 Data Center with Cumulus Linux

One of the design scenarios we covered in Leaf-and-Spine Fabric Architectures webinar is a pure layer-3 data center, and in the “how do I do this” part of that section Dinesh Dutt talked about the details you need to know to get this idea implemented on Cumulus Linux.

We covered a half-dozen design scenarios in that webinar; for an even wider picture check out the new Designing and Building Data Center Fabrics online course.

Turn Your Ansible Playbook into a Bash Command

In one of the previous blog posts I described the playbook I use to collect SSH keys from network devices. As I use it quite often, it became tedious to write ansible-playbook path-to-playbook every time I wanted to run the collection process.

Ansible playbooks are YAML documents, and YAML documents use # to start comments, so I thought “what if I’d use a YAML comment to add shebang and turn my YAML document into a script”

TL&DR: It works. Now for the longer story…

Update: Brocade Data Center Switches

Second vendor in this year’s series of data center switching updates: Brocade.

Not much has happened on this front since last year’s update. There was a maintenance release of Brocade NOS, they launched SLX series of switches, but those are so new that the software documentation didn’t have time to make it to the usual place (document library for individual switch models), it's here.

In any case, the updated videos (including edited 2016 content which describes IP Fabric in great details) are online. You can access them if you bought the webinar recording in the past or if you have an active ipSpace.net subscription.

Routing Protocols: a Perfect Example of RFC 1925 Rule 5

In case you’re not familiar with RFC 1925, its Rule 5 states:

It is always possible to agglutinate multiple separate problems into a single complex interdependent solution. In most cases this is a bad idea.

Most routing protocols are a perfect demonstration of this rule.

Solving the Problem in the Right Place

Sometimes I have this weird feeling that I’m the only loony in town desperately preaching against the stupidities heaped upon infrastructure, so it’s really nice when I find a fellow lost soul. This is what another senior networking engineer sent me:

I'm belonging to a small group of people who are thinking that the source of the problem are the apps and the associated business/security rules: their nature, their complexity, their lifecycle...

Sounds familiar (I probably wrote a few blog posts on this topic in the past), and it only got better.

Worth Reading: Is More Technology Good for Your Business?

Gian Paolo Boarina published a great article following my Are You Solving the Right Problem rant.

Long story short: everyone in the networking game has their own agenda, and it’s not necessarily good for you or your business.

Networking Trends Discussion with Andrew Lerner and Simon Richard: Part 2

In June 2017, we concluded the Building Next Generation Data Center online course with a roundtable discussion with Andrew Lerner, Research Vice President, Networking, and Simon Richard, Research Director, Data Center Networking @ Gartner.

In the second half of our discussion (first half is here) we focused on these topics:

Update: Arista Data Center Switches

In the past 5+ years I ran at least one Data Center Fabrics Update webinar per year to cover new hardware and software launched by data center switching vendors.

The rate of product and feature launches in data center switching market is slowing down, so I decided to insert the information on new hardware and software features launched in 2017 directly into the merged videos describing the progress various vendors made in the last years.

First in line: Arista EOS. You can access the videos if you bought the webinar recording in the past or if you have an active ipSpace.net subscription.

Reducing the Number of Transported Routes

One of my friends sent me this design challenge:

Assume you’re migrating from another WAN transport technology to MPLS. The existing network has 3000 routes but the MPLS carrier is limiting you to 1000 routes. How could you solve this with MPLS?

Personally, I think MPLS is a red herring.

A better question would be “how do you reduce the number of routes transported across your WAN network” or “how do you reduce the routing interaction with your MPLS service providers” (particularly intriguing if you use more than one of them).

As always, there are several options and it’s impossible to recommend the best one:

• Readdressing is usually out of question (or at least too messy to try). It might also break numerous firewall rules and other hard-coded stuff… unless you automated everything, but then it wouldn’t be hard to readdress, would it?
• The usual answer would be to summarize the routes. The usual challenge is that you might not be able to do it (because random addressing). Furthermore, summarization is a lossy compression, and loss of forwarding information might result in black holes.
• RFC 1925 states that there’s nothing that cannot be solved with another layer Continue reading

Are You Solving the Right Problem?

With all the intent-based hype (and the previous SDN-will-rule-the-world-hype) you’d think that the network is the ultimate ossified roadblock on the path to agile nirvana.

You’d be totally wrong (and you’d deserve it – never trust a vendor peddling a product).

Here’s an amazing discovery I made when I was still running on-site SDN and network automation workshops.

Upcoming Webinars and Events

Here’s the list of webinars and events planned for October and November 2017:

• Second part of Network Visibility with Flow Data webinar on October 5th;
• Network automation workshop in Rome on October 18th;
• Cumulus Linux Update (part of Data Center Fabrics updates) on October 26th;
• QoS webinar on November 9th (no description yet);
• Day-long data center automation event in Zurich on November 14th (more details soon).

Hint: you get access to all live webinar sessions, and 170 hours of downloadable videos with ipSpace.net subscription.

my.ipSpace.net outage: fixing broken libraries

An update of PERL libraries broke a number of my scripts (don't ask). Here's the current status:

• Fixed: credit card processing. It was impossible to buy products from ipSpace.net with credit cards (the credit card form didn't appear at all)
• Fixed: Google+ login
• Unrelated and fixed: blog search

Anything else not working? Please write a comment or send me an email. Thank you!

Redundancy Does Not Result in Resiliency

A while ago a large airline had a bad-hair day claiming it was caused by a faulty power supply. Not surprisingly, I got a question along the lines of “is that feasible?”

Short answer: Yes. However, someone should be really worried if that wasn’t made up.

Collect SSH Keys with Ansible

Here’s a common scenario I’m encountering on Ansible-related forums:

Q: I cannot connect to network devices with my Ansible network modules. I keep getting these weird error messages…

Me: Are you sure you have the device SSH keys in known_hosts file?

Q: How did you know?

Coming Full Circle on IPv6 Address Length

In the Future of Networking with Fred Baker Fred mentioned an interesting IPv6 deployment scenario: give a /64 prefix to every server to support container deployment, and run routing protocols between servers and ToR switches to advertise the /64 prefix to the data center fabric preferably using link-local addresses.

Let’s recap:

Worth Reading: Blogging Toolkit and Processes

Joel Knight published his blogging toolkit and processes he uses to write blog posts. Definitely worth reading even if you never plan to blog as he nicely documents how to sync creative process across multiple platforms.

Self-Driving Networks with Kireeti Kompella

A while ago I got a kind email from Kireeti Kompella, CTO @ Juniper Networks, saying “A colleague sent me an email of yours regarding SDN, the trough of disillusionment, and the rise of automation. Here's a more dramatic view: the Self-Driving Network -- one whose operation is totally automated.”

Even though Software Gone Wild podcast focuses on practical ideas that you could deploy relatively soon in your network, we decided to make an exception and talk about (as one of my friends described it) a unicorn driving a flying DeLorean with a flux capacitor.

Are VXLAN-Based Large Layer-2 Domains Safer?

One of my readers was wondering about the stability and scalability of large layer-2 domains implemented with VXLAN. He wrote:

If common BUM traffic (e.g. ARP) is being handled/localized by the network (e.g. NSX or ACI), and if we are managing what traffic hosts can send with micro-segmentation style filtering blocking broadcast/multicast, are large layer-2 domains still a recipe for disaster?

There are three major (fundamental) problems with large L2 domains: