Author Archives: packetmischief.ca
Author Archives: packetmischief.ca
Ahh the Christmas break. The perfect time for good food, enjoying the company of family and friends and of course…. IT projects at home! My project last year was to immerse myself in the source code for OpenBSD's snmp daemon so that I could integrate my patch-set for Net-SNMP directly into the native OpenBSD daemon. That was time well spent as I was able to integrate my code in the following weeks. This year I have maintenance to do in the home lab. It looks like 2013 is going to be a busy year as far as getting my hands on new stuff so I want the lab ready to rock.
First project: upgrade my VMware ESXi server from 4.1 to 5.1.
Do you ever find yourself in a conversation with someone where you attempt to explain a concept in detail and you realize that you don't know that concept at the level of detail that you thought you did? That happened to me recently. I thought I had a better handle on TRILL and FabricPath than I really did. Since I retain things far better when I write them down, I'm going to blog the differences between TRILL and FabricPath when it comes to address learning and what role the control plane plays in building the network topology
A colleague of mine pointed something out the other day: the numbers and letters that make up the Nexus 2000 (FEX) model actually have meaning! No, I haven't been living under a rock. I think it's pretty clear that with a model number like “2248TP-E” the “22” indicates this is the 2200 series FEX and the “48” indicates it's got 48 ports. But what about the letters that follow the numbers?
As I've written about in the past (here), Apple's AirPlay technology relies on Bonjour which is Apple's implementation of “zero config” networking. One of the things that Bonjour enables is the automatic discovery of services on the network. For example, an Apple TV might advertise itself as being able to receive AirPlay streams. An iPad that is looking for AirPlay receivers would use Bonjour to discover the Apple TV and present it to the user as an AirPlay destination. Both the Apple TV and iPad do all this without any user intervention or configuration (hence the “zero config” part).
That's fine and dandy but what my earlier article focused on was how Bonjour broke down in a network where what I'll call the “server” and the “client” are not in the same Layer 2 domain/VLAN. This is because the service discovery aspect of Bonjour relies on link-local scope multicast. These packets will not cross Layer 3 boundaries in the network.
This is a quick, high level rundown of Cisco's various fabric extender technologies and where each fits into the data center.
As a follow-up to my previous article on Port Channels titled “4 Types of Port Channels and When They're Used” I wanted to talk a bit about the long-standing rule that says you should always create your Etherchannel (EC) bundles with a number of links that works out to a power of two (ie, 2,4 or 8 links). That rule is less applicable today than it used to be.
The other day I was catching up on recorded content from Cisco Live! and I saw mention of yet another implementation of port channels (this time called Enhanced Virtual Port Channels). I thought it would make a good blog entry to describe the differences of each, where they are used, and what platforms each is supported on.
Virtual Cluster Switching (VCS) is Brocade's brand of datacenter ethernet switching. VCS allows for the creation of a network fabric that's capable of converging storage and data traffic via standards-based datacenter bridging. It also solves the “Spanning Tree Protocol (STP) problem” by implementing a standards-based TRILL data plane paired with their own control plane in the form of Fabric Shortest Path First (FSPF). This data + control plane enable the “routing” of MAC addresses through the fabric, negates the need for STP, enables the use of all cabled links, and prevents traffic loops. VCS is only (currently) available on the VDX line of switches from Brocade.
In this post I'm going to outline five aspects of VCS that I found particularly interesting or unique. This is a companion article to an earlier one titled Five Functional Facts about FabricPath where I broke down five features of Cisco's fabric technology.
Cisco's Identity Services Engine (ISE) is a powerful rule-based engine for enabling policy-based network access to users and devices. ISE allows policy enforcement around the Who?, What?, and When? of network access.
These questions can all be answered easily within ISE and are all standard policy conditions that are relatively easy to implement. In the post below I'm going to focus on the How? — How is the user or device connecting to the network? Asked another way, the question is Wired? or Wireless?
FabricPath is Cisco's proprietary, TRILL-based technology for encapsulating Ethernet frames across a routed network. Its goal is to combine the best aspects of a Layer 2 network with the best aspects of a Layer 3 network.
An article on FabricPath could go into a lot of detail and be many pages long but I'm going to concentrate on five facts that I found particularly interesting as I've learned more about FabricPath.
I don't really keep up to speed on consumer technology. For me, the enterprise IT space holds more challenge and interest. There is one piece of consumer tech though that has become fully ingrained in my life: the tablet. For that reason, I'm going to summarize my experience in using both Android and Apple based tablets.
I've had two main areas of interest in my IT career. Professionally, I've been a network guy. Designing, building, and supporting IP networks is what pays my bills. On the other side, I'm a Unix geek. Building, tinkering, and hacking code on Unix systems and related open source software has always been fun and challenging for me. Recently I was reflecting on my career and realized that my Unix and open source experience has played a big role in my career as a network engineer. Here's some of the ways I believe network engineers can benefit from Unix experience.
These are some articles/interviews that I came across this week that got me thinking about Apple's Bonjour in enterprise environments.
RANCID (Really Awesome New Cisco confIg Differ) is a tool for automating the collection of hardware and configuration data from network devices. I recently upgraded an installation from version 2.3.1 to 2.3.8. And naturally, because I didn't have a ton of time to devote to this, stuff broke. It stopped pulling data from some switches. Not all switches, mind, that would be too easy to troubleshoot. Only some.
Although it would be awesome to ditch Net-SNMP altogether now that the base OpenBSD SNMP daemon has support for all of the OpenBSD-related MIBS (CARP, PF, kernel sensors), reality is that Net-SNMP still offers some features that are needed. OpenBSD doesn't have any SNMP tools (snmpwalk, snmpset, etc) so these are still required from Net-SNMP. There's also some unique features in the Net-SNMP daemon that are still useful if you want to do things like monitor BIND9 or Postfix statistics.
Here's how to run both at the same time and leverage snmpd for the OpenBSD-related MIBs and the Net-SNMP daemon for its ability to retrieve data from scripts and extend itself using loadable modules and smux sub-agents.
Update: For help running both snmpds at the same time, see Net-SNMP and snmpd Coexistence on OpenBSD
Now that OPENBSD-CARP-MIB and OPENBSD-PF-MIB have been added to the base snmpd in OpenBSD (CARP-MIB will be in 5.1-release, PF-MIB in 5.2, and the SENSOR MIB has been there since 4.5), I wanted to document the differences between these MIBs and the corresponding implementation of the MIBs that I wrote for Net-SNMP.
Both implementations provide the same set of OIDs and allow the same data to be retrieved. Whatever you were querying via Net-SNMP is available via snmpd.
What has changed is the base OID where the CARP and PF MIBs are rooted at as well as the name of certain OIDs.