Archive

Category Archives for "ipSpace.net"

Network Automation: Lego Bricks and Death Stars

One of the challenges traditional networking engineers face when starting their network automation journey is the “build or buy” decision: should I use a plethora of small open-source or commercial tools and components and build my own solution, or should I buy a humongous platform from a reassuringly-expensive $vendor.

Most of us were used to buying platforms ranging from CiscoWorks to HP OpenView (oops, Business Technology Optimization Software) or now Cisco’s NSO, so it’s natural that we’re trying to map this confusing new world into old patterns, leading to interesting discussions like the one I had during one of my workshops:

Read more ...

Breaking News: I’m a Vendor Shill

Got this comment on my Network Automation RFP Requirements blog post:

Looks like you are paid shill for Brocade based on the quote earlier in your blog "The Pass/Fail information included below was collected to the best of my knowledge with extensive help from Jason Edelman, Nick Buraglio, David Barroso and several Brocade engineers (THANK YOU!)."

Hooray, one more accolade to add to my list of accomplishments. And now for a few more details:

Read more ...

First Speakers in the Spring 2017 Data Center Course

It’s only two weeks since the last live session of the Autumn 2016 Data Center course in which Mitja Robas did a fantastic job describing a production deployment of VMware NSX on top of Cisco Nexus 9000 network, and we already have the first speakers for the Spring 2017 event:

  • Scott Lowe (now at VMware) will talk about the role of open source in data center infrastructure;
  • Thomas Wacker (UBS AG) will talk about their fully automated data center deployments;
  • Andrew Lerner and Simon Richard (Gartner) will participate in a panel discussion on data center and networking trends.

NAPALM Update on Software Gone Wild

We did a podcast describing NAPALM, an open-source multi-vendor abstraction library, a while ago, and as the project made significant progress in the meantime, it was time for a short update.

NAPALM started as a library that abstracted the intricacies of network device configuration management. Initially it supported configuration replace and merge; in the meantime, they added support for diffs and rollbacks

Read more ...

To API or Not To API

One of my readers left this comment (slightly rephrased) on my Network Automation RFP Requirements blog post:

Given that we look up to our *nix pioneers as standard bearers for system automation, why do we demand an API from network devices? The API requirement would make sense if the vendor OS is a closed system. If an open system vendor creates APIs for applications running on their system (say for BGP configs) - kudos to them, but I no longer think that should be mandated.

He’s right - API is not a mandatory prerequisite for reliable network automation.

Read more ...

Do You Use SSL between Load Balancers and Servers?

One of my readers sent me this question:

Using SSL over the Internet is a must when dealing with sensitive data. What about SSL between data center components (frontend load-balancers and backend web servers for example)? Does it make sense to you? Can the question be summarized as "do I trust my Datacenter network team"? Or is there more at stake?

In the ideal world in which you’d have a totally reliable transport infrastructure the answer would be “There’s no need for SSL across that infrastructure”.

Read more ...

Do Enterprises Need VRFs?

One of my readers sent me a long of questions titled “Do enterprise customers REALLY need VRFs?

The only answer I could give is “it depends” (it’s like asking “Do animals need wings?”), and here’s my attempt at building a decision tree:

You can use the decision tree to figure out whether you need VRFs in your data center or in your enterprise WAN.

Read more ...