Archive

Category Archives for "Cumulus Networks Blog"

Topology matters: how port-per-workload management strategies no longer hold up

In the beginning, there were switches. And connected to these switches were servers, routers and other pieces of gear. These devices ran one application, or at a stretch, multiple applications on the same operating system and thus IP stack. It was very much one-server-per-port; the SQL Server was always on port 0/8, and shutting down port 0/8 would affect only that machine.

This is no longer true, as network engineers well know. Physical hardware no longer dictates what, where, and how servers and other workloads exist. Cloud computing, multi-tenant virtual infrastructures and dynamically reallocated virtual resources mean that one port can cover 20 or 200 servers. Conversely, link aggregation and other forms of port density protocols mean that one server can have fault-tolerant aggregated links across one, five or 50 ports.

A new way of looking at switching—as a logical, rather than physical, topology—is required. In this view, switches aren’t so much pieces of the network architecture themselves, but simply ports that can be used to set up much more complex logical links. This article will focus on two main concepts: routing protocols (to allow better utilization of underutilized switching links) and switching protocols such as STP (those used to Continue reading

VXLAN/EVPN vs VRF Lite

A little background information first.

When having a business requirement of tenancy, most solutions will tend to lean towards VRF. That is because VLANs require a distributed L2 environment, which comes with spanning tree, mlag and a whole other glut of inefficient network control plane protocols. Upleveling the infrastructure to L3 ends up requiring VRF technology to enforce tenancy.

Once you’ve settled on this feature as the solution for the business requirement, the next question is: How do I successfully deploy VRFs in a large distributed environment at scale, that also allows me to minimize the burden of management while still enforcing tenancy in all the important parts of my network? Most conversations surrounding this question will lead down two solution paths:

  1. VXLAN with EVPN
  2. VRF Lite

Definitions of VXLAN with EVPN and VRF Lite.

VXLAN with EVPN leverages VRFs at every border and leaf switch, while all the intermediate devices (ie. spines, super spines) only see the encapsulated VXLAN traffic, and hence do not need any VRF intelligence or visibility.

A VRF Lite solution is fundamentally simpler since it uses less moving parts. The thought of enabling the EVPN address family and encapsulating traffic into a VXLAN tunnel Continue reading

Kernel of Truth season 3 episode 1: FRRouting update

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

Season three jumps right into the deep end of the networking pool with a discussion on FRRouting. Kernel of Truth hosts Brian O’Sullivan and Roopa Prabhu are joined by a new guest to the podcast, Donald Sharp. With FRR being the hottest Open Routing protocol stack today, the group talks about the recent updates and features that are happening at such a high velocity now. What does that mean for the community? Listen to find out. You can also find more about FRRouting at their website here and Twitter here.

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to be a part of the open networking innovation. When not working, Brian is a voracious reader and has held a variety of jobs, including bartending in three countries and working as an extra in a German Continue reading

ONIE 2020 update

Even if it’s free, you still have to sell it. Yet a solution only works if people want to use it.

Last year I became the project lead for ONIE: the Open Network Install Environment. If you’re unfamiliar with this, ONIE is an open source project for installing operating systems on network switches. Manufacturers will start with the core ONIE code, add support for their new hardware (so that their new switch has an industry-standard way of installing an operating system) and then submit those changes back to the ONIE project.

As of 2020, this has happened over two hundred times, along with with well over a thousand contributions of bug fixes and improvements. As these changes are submitted, they need to be quality checked and tested to make sure they build cleanly. When I became the project lead, I had already been working on build tools at Cumulus Networks and decided my first contribution was going to be creating a standard build environment for ONIE that could be deployed anywhere.

This went great until my final test of the new build environment, which was to build every platform ONIE supported, and it didn’t go as well as I’d hoped. Continue reading

Cumulus content roundup: January 2020

We understand the start of the new year can be pretty busy and you may have missed out on some of the great content we shared this month. You’re in luck though, we have the best of the best right here for you so you don’t have to a miss a thing.

January was full of partnership announcements, 2020 predictions, and a lot of great blogs that you can, figuratively speaking, sink you teeth into. Catch up below!

From Cumulus Networks:

It’s a fact: choosing your own hardware means lower TCO:Organizations have diverse needs, and these needs change with time. The ability to select the right hardware for the task can be a competitive advantage. Learn how choosing your own hardware means lower TCO in our blog here.

Kernel of Truth season 2 episode 15: 2019 retrospect and 2020 predictions: Hosts Brian O’Sullivan & Roopa Prabhu are joined by Kernel of Truth podcast guest pros Pete Lumbis and Rama Darbha. Listen to this jam-packed podcast to hear their 2019 retrospect & 2020 predictions. Buzzword teaser: Automation.

Cumulus Networks and Metsi Technologies partner to prepare customers for new wave of tech adoption: We’re excited to announce our partnership with Continue reading

Kernel of Truth: Season 3 Teaser

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

In this episode, we tease what’s coming up for Kernel of Truth’s season 3. Be sure to subscribe to this podcast if you haven’t already so you’re notified when the first episode for season 3 is posted or follow us on Facebook, Twitter and LinkedIn. For behind-the-scenes look of life at Cumulus Networks, follow us on Instagram too.

It’s a fact: choosing your own hardware means lower TCO

An essential part of open networking is the ability to choose your own hardware. This allows for customization of your network to suit business needs, and it can also dramatically reduce your Total Cost of Ownership (TCO). On average, open networking with Cumulus helps customers reduce their capital expenditures (CapEx) by about 45% and operational expenditures (OpEx) in the range of approximately 50% to 75%.

Choosing the right hardware is a big part of these savings. If you compare bare-metal networking equipment with a similar product from a proprietary networking vendor, you’ll quickly find that bare-metal hardware is much less expensive. One reason for this is competition between hardware vendors in the open networking space.

Open networking is a multi-vendor ecosystem. More than 100 switches are certified to work with Cumulus Linux; they’re manufactured by vendors such as Dell, HPE, Mellanox, Supermicro, and others. Unlike with proprietary switches, there’s no vendor lock-in creating a monopoly situation. In the open networking space, vendors compete for sales, and this keeps costs down.

Another factor in lowering costs is the degree of customization available when you have many products to choose from. Choosing your own hardware means buying what you need—and only Continue reading

Kernel of Truth season 2 episode 15: 2019 retrospect and 2020 predictions

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

In this episode, hosts Brian O’Sullivan and Roopa Prabhu are joined by Kernel of Truth podcast guest pros Pete Lumbis and Rama Darbha. The group looks back at 2019, discussing what they learned from the year and then move on to their 2020 predictions. Want a teaser? Automation was a hot topic in 2019 not just on our podcast but with our customers. It’s become less of a “nice to have” and more of a “need to have.” If you’re hungry for more 2019 retrospect and 2020 predictions, be sure to listen to this jam-packed podcast.

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to be a part of the open networking innovation. When not working, Brian is a voracious reader and has held a variety of jobs, including bartending in three countries and Continue reading

Benefits of modern campus networking

Call it “trickle-down networking” if you like. But what has long been possible—and even best practice— in data center networking is now moving aggressively into and onto campus networking ecosystems. And with that move companies and organizations can realize numerous benefits in or on the campus networks they own or operate. As readers peruse this list of potential benisons, they’ll undoubtedly hit hot buttons with their users (thanks to increased features and functionality) and with management (thanks to cost savings and improved efficiencies that reduce staff time commitments and involvement).

Delivering key capabilities

With the adoption of data center tools and technologies in campus networks, a handful of key capabilities becomes available throughout. These include Power over Ethernet (PoE), which makes it possible to extend services more easily and affordably, and to integrate Internet of Things (IoT) capabilities more directly (such as sensors, surveillance cameras, ID badge readers and so forth). In addition, networks gain ready access to 802.1X capabilities when they adopt a data center model, including improved and more powerful authentication mechanisms, as well as access and security control.

Moving to data center-oriented networks usually also brings voice VLANs into the networking picture. This not only offers Continue reading

Cumulus content roundup: December 2019

We wrapped up December, and really 2019 with some pretty big news! Project DENT was officially announced and we’re excited for the possibilities will bring. Not sure what project DENT is? Luckily for you, we have all the coverage available for your reading pleasure in this month’s content roundup.

In addition to the DENT news, we also brought you another episode of our Kernel of Truth podcast and some great education blogs. Enjoy them all below!

From Cumulus Networks:

Announcing project DENT: We are now proud contributors to the DENT project! Premier members also include Amazon, Delta Electronics Inc, Marvell, Mellanox, and Wistron NeWeb (WNC). Launched by the Linux Foundation, DENT is networking software designed to simplify enterprise edge networking. Roopa Prabhu, our Chief Linux Architect, shares why the chance to enable networking hardware vendors to leverage the same benefits that all Linux hardware technologies do today has got us so excited to join the project.

Network inventory: what do you have, and should it be there?:How do you defend what you don’t know exists? Establishing & maintaining a network inventory is both a technological & a business process problem— we talk about how a modern Continue reading

Kernel of Truth season 2 episode 14: Infrastructure as code in action

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

In this episode we continue the conversation about “infrastructure as code.” Last time we chatted about it we talked to Nick Mitchell and Eric Pulvino, two of our consultants, and shared not only what it is but what the problems infrastructure as code is solving for and why you should care. In this latest episode we go a step further.​ Kernel of Truth hosts Brian O’Sullivan and Pete Lumbis are joined by​ Anton Karneliuk who talk more about what it is and also discuss how to evolve it, what the challenges are and Anton shares his real-life experiences implemented it at The Hut Group.

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to be a part of the open networking innovation. When not working, Brian is a voracious reader and has held a Continue reading

Tenancy and the importance of defining it.

One of the common starting points during the IT architecture process is trying to define and identify tenancy. Part of the problem is that the term “tenant” has various definitions depending on the business unit. As a network engineer, I don’t care about one of those definitions of the word: “Layer 3 subnet isolation with a unified set of routing and security policies.” Trying to communicate that to technical leaders in other IT organizations is hard enough, but trying to communicate this to a non-technical business leader can feel like an impossible task.

The goal then becomes trying to distill the complexities of a tenant into a consumable morsel.

What happened?

In my most recent consulting engagement, I worked with a company that had three key players during the design stage:

  • Server team
  • Network team
  • Business team

We kept using the word “tenancy” thinking we were speaking the same language , but we slowly realized that we weren’t speaking with the same definitions. In my network-first definition, I only cared about the subnets allocated to the servers and whether the servers were able to talk to each other. From my definition of tenancy, any server allocated to a tenant Continue reading

Announcing project DENT

We are excited to announce that Cumulus is joining project DENT!

Project DENT is a huge step for the industry, taking both open networking and Linux networking forward. DENT will help grow the community of open Linux networking vendors and partners, and Cumulus Networks is pleased to be part of this project that aligns with our core values and strengths. We strongly believe in mass innovation with open Linux software, platforms and the Linux community.

Linux ecosystem players have historically benefited from mass innovation. By bringing together vendors, distributors, system integrators and users, DENT enables distributed development and support for open Linux networking operating system for campus and remote networking. We believe this will enable networking hardware vendors to leverage the same benefits that all Linux hardware technologies do today: Open Linux firmware management, platform driver infrastructure, network interface management and Linux tools and ecosystem.

The Cumulus Linux connection

Cumulus Linux is based on the same foundational principles as project DENT with the goal of unifying Networking across distributed systems. This unification comes from its native Linux platform and networking API. Today’s technologies powering hybrid cloud and on-prem infrastructure are distributed systems technologies. Networking is fundamental to distributed systems. Uniformity Continue reading

Network inventory: what do you have, and should it be there?

How do you defend what you don’t know exists? In IT, this is more than just an existential question, or fuel for a philosophical debate. The existence of a complete network inventory—or the lack thereof—has a real-world impact on an organization’s ability to secure their network. Establishing and maintaining a network inventory is both a technological and a business process problem, and serves as an excellent example of the importance of open standards to a modern organization.

Consider for a moment NASA’s Jet Propulsion Laboratory (JPL). In April 2018 the JPL experienced a cybersecurity event. Upon investigation, it was determined that this was caused by someone smuggling an unauthorized Raspberry Pi onto the premises and connecting it to the network.

This incident triggered a security audit, and the results of that June 2019 report were, though not unexpected, still rather disappointing. The auditors’ biggest concern was that the JPL didn’t have a comprehensive, accurate picture of what devices were on its networks, nor did it know whether or not those devices were authorized to be there.

This lack of an up-to-date and automated network inventory led to a successful hack of the JPL via the unauthorized Raspberry Pi. Some Continue reading

Cumulus content roundup: November 2019

There’s a lot to be thankful for this month- and not just for open networking in general. Why? Well we’ve officially headed into the holidays at full steam with the recent Cumulus Linux 4.0 announcement, Cumulus NetQ 2.4 and more!

Catch up on all the latest Cumulus news, releases, and what’s to come in November’s content roundup. If you’re feeling extra thankful, head over to our last #BeEPIC game of 2019 here and share why you’re thankful for open networking. If you do, you’ll be entered to win a LEGO set and Hall of Fame status.

From Cumulus Networks:

Cumulus Networks 4th-Generation open, modern networking for applications of the future: Learn how we’re enabling customers to meet modern network challenges with our 4th-Generation of open, modern software— designed to run and operate modern, data center and campus networks that are simple, open, agile, resilient and scalable.

Kernel of Truth season 2 episode 13: Open networking is not whitebox: In this episode host Brian O’Sullivan is joined by Roopa Prabhu and Pete Lumbis to discuss why open networking is not just whitebox, it’s so much more.

Prevent lateral compromise with microsegmentation: Good network design can minimize the damage incurred Continue reading

Prevent lateral compromise with microsegmentation

It’s an unfortunate reality of information security: Eventually, everyone gets compromised. Manufacturers, banks, tech support companies, retail giants, power plants, municipal governments … these are just some of the sectors that have been affected by high-profile data breaches in recent months. Everyone gets hacked. You will, too.

This isn’t cause for despair. It simply means that effective security has to focus on more than just intrusion prevention. Hackers will eventually get into any network, if they’re willing to spend enough time and money doing so. But whether or not they get anything useful once they’ve gained entry—that’s another story.

Good network design can minimize the damage incurred during an attack. There are more ways to approach this than will fit in a single article, so this blog will only focus on network segmentation, and its smaller sibling, microsegmentation.

What is network segmentation?

Network segmentation is the practice of dividing a network into one or more subsections. Each subsection usually contains different kinds of resources and has different policies about who has access to that segment. There are a variety of ways to accomplish the division.

Network segmentation runs along a spectrum from the purely physical to the purely logical. The Continue reading

Cumulus Networks 4th-Generation open, modern networking for applications of the future

The dynamics of IT are changing, especially when it comes to the demands on the network. As many have predicted, big data, mobile and the Internet of Things are putting significant and ever-increasing pressure on the network. Most networks and legacy management tools, therefore, are unprepared for the added stress placed on already-fragile infrastructures while the rest of the data center has sped ahead.

As more and more data is created and transferred between resources, the network must be increasingly resilient, dynamic and agile to adjust to application demands accordingly. As data and applications become increasingly distributed, there is an inherent architectural dependence on the interconnect, which enables these resources to work in concert to deliver application workloads. That interconnect, the network, must undergo its own transformation to meet the new needs of a modern network.

Our founders at Cumulus Networks recognized the challenges that were mounting nearly a decade ago and set out to build a more modern network, one that is modeled from the web-scale giants including Google, Amazon, and Facebook to better address applications of the future.

I’m very happy to announce that Cumulus Networks is now enabling customers to meet modern network challenges with our 4th-Generation Continue reading

Kernel of Truth season 2 episode 13: Open networking is not whitebox

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

Roopa Prabhu and Roopa’s hype man Pete Lumbis join Kernel of Truth host Brian O’Sullivan to discuss why open networking is not just whitebox, it’s so much more. Between the general advantages of this kind of architecture to the benefits of being backed by the Linux kernel and Linux community— open networking is a great option to have not just now but going forward. Learn how this open development community works together to the advantage of everyone, not just networking, and with companies of all sizes, including hyper-scale ones, improving things like the sanitation of code and so much more. As a special bonus you’ll also learn what to eat in the data center. Spoiler: the answer is nothing but Brian might have an opinion otherwise.

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to Continue reading

Cumulus content roundup: October 2019

What could be scarier than non-scalable networking systems, outdated solutions and slow deployment time? Nothing. Luckily for you, there’s none of that in this months content roundup.

We kept busy with a very exciting announcement (hint: it has to do with campus networks) and we think you’ll be excited about it too. Read October’s content roundup to catch up with all the latest Cumulus news, releases, and what’s to come. Happy reading!

From Cumulus Networks:

The ease and importance of scaling in the enterprise: Out with the old and in with the new. Check out this blog by Finn Turner to find out how flexible, scalable network technologies are helping organizations smoothly take their network to the next level.

Securing open source: a brief look at dependency management: Ready to dive into dependency management? This post will cover three categories of dependency management, and which one is the right fit for your project.

How inspiration from your data center can modernize your campus network: While we originally designed Cumulus Linux for data center networking, we’ve now entered into the campus network. Not sure what that entails? Read this informative post by Scott Ciccone to find out about all Continue reading

The ease and importance of scaling in the enterprise

Networks are growing, and growing fast. As enterprises adopt IoT and mobile clients, VPN technologies, virtual machines (VMs), and massively distributed compute and storage, the number of devices—as well as the amount of data being transported over their networks—is rising at an explosive rate. It’s becoming apparent that traditional, manual ways of provisioning don’t scale. Something new needs to be used, and for that, we look toward hyperscalers; companies like Google, Amazon and Microsoft, who’ve been dealing with huge networks almost since the very beginning.

The traditional approach to IT operations has been focused on one server or container at a time. Any attempt at management at scale frequently comes with being locked into a single vendor’s infrastructure and technologies. Unfortunately, today’s enterprises are finding that even the expensive, proprietary management solutions provided by the vendors who have long supported traditional IT practices simply cannot scale, especially when you consider the rapid growth of containerization and VMs that enterprises are now dealing with.

In this blog post, I’ll take a look at how an organization can use open, scalable network technologies—those first created or adopted by the aforementioned hyperscalers—to reduce growing pains. These issues are increasingly relevant as new Continue reading

1 2 3 18