While most readers, commenters, and Twitterati agreed with my take on the uselessness of OSPF areas and inter-area summarization in 21st century, a few of them pointed out that in practice, the theory and practice are not the same. Unfortunately, most of those counterexamples failed due to broken implementations or vendor “optimizations”.
Read more ...Does it make sense to run OpenStack on top of VMware infrastructure? How well does NSX work as a Neutron plug-in? Marcos Hernandez answered these questions (and a lot of others) in the Episode 61 of Software Gone Wild (admittedly after a short marketing pitch in the first 10 minutes).
One of my readers left this question on the blog post resurfacing the idea of running BGP between servers and ToR switches:
When using BGP on a VM for mobility, what is the best way to establish a peer relationship with a new TOR switch after a live migration? The VM won't inherently know the peer address or the ASN.
As always, the correct answer is it depends.
Read more ...Marcel Reuter sent me a few questions about my upcoming Network Automation workshop. You might find them interesting, so here they are:
We have a lab with virtual IOS-XE, IOS-XR and Junos (vMX) router. I would like to learn how to provisioning the Lab router.
Covered in the workshop. I’m focusing on vIOS (which is pretty close to IOS Classic and IOS-XE) and Nexus OS because that’s what I can get up and running quickly in VIRL.
Read more ...One of my ExpertExpress design discussions focused on WAN network design and the need for OSPF areas and summarization (the customer had random addressing and the engineers wondered whether it makes sense to renumber the network to get better summarization).
I was struggling with the question of whether we still need OSPF areas and summarization in 2016 for a long time. Here are my thoughts on the topic; please share yours in the comments.
Read more ...In the Leaf-and-Spine Fabric Designs webinar series we started with the simplest possible design: non-redundant server connectivity with bridging within a ToR switch and routing across the fabric.
After I explained the basics (including routing protocol selection, route summarization, link aggregation and addressing guidelines), Dinesh Dutt described how network architects use BGP when building leaf-and-spine fabrics.
Eluehike Chedu asked an interesting question after my explanation of why stretched ACI fabric (or alternatives, see below) is the least horrible way of stretching a subnet: What about OTV?
Time to go back to the basics. As Dinesh Dutt explained in our Routing on Hosts webinar, there are (at least) three reasons why people want to see stretched subnets:
Read more ...One of my readers sent me this question:
Have you written something about assessment and planning for migration of traditional in-premise data center network to private or public cloud? There would be hundreds of things to check during assessment and then plan accordingly.
Academically, that’s a wrong way of approaching the problem.
Read more ...When I talk about network automation with enterprise engineers I usually get responses along the lines of “That’s interesting, but it will never happen in my organization. That’s what startups or cloud providers do.”
They couldn’t be more wrong: Thomas Wacker from UBS (one of the top 20 global financial services companies in case you don’t recognize the name) will describe how UBS uses network automation in new data center deployments during our Network Automation DIGS SDN event on September 1st, and we’ll spend the rest of the afternoon focusing on how you could get started and what your first network automation project should be.
Read more ...Andrew wondered how one could scale the L3-only data center networking approach I outlined in this blog post and asked:
When dealing with guests on each host, if each host injects a /32 for each guest, by the time the routes are on the spine, you're potentially well past the 128k route limit. Can you elaborate on how this can scale beyond 128k routes?
Short answer: it won’t.
Read more ...Software Gone Wild podcast is well into its toddler years and it was time for a teambuilding exercise. Just kidding – we wanted to test new tools and decided to discuss the vacation experiences and podcast ideas while doing that.
On a more serious note: we’re always looking for cool projects, implementations and ideas. Contact us at podcast (-the weird sign-) ipspace.net.
My “this is why you need automation” blog post triggered numerous comments and tweets. I loved this one:
What if the mistake was embedded into the automation process/tool (designed by humans) in the first place? Now you have a video series titled "Automation Gone Wild".
I guess this tweet is a priceless answer to that question:
Read more ...One of my subscribers considered attending the Virtual Firewalls workshop on September 1st and asked:
Would it make sense to attend the workshop? How is it different from the Virtual Firewalls webinar? Will it be recorded?
The last answer is easy: No. Now for the other two.
Read more ...Decades ago I got involved in another interesting project: let’s build our own file server operating system on top of Z80 CPU. Yes, I was at university (how did you guess?) and No, it never really took off.
Jeff Sicuranza left a great comment to one of my blog posts:
Still basically the same old debate from 25 years ago that experienced Network Architects and Engineers understood during technology changes; "Do you architect your network around an application(s) or do you architect your application(s) around your network"
I would change that to “the same meaningless debate”. Networking is infrastructure; it’s time we grow up and get used to it.
Read more ...I spent the last week creating numerous scenarios using Ansible networking modules for my upcoming Network Automation workshop. The scenarios use Cisco IOS and Nexus OS modules as I used VIRL for network simulation, but you could easily adapt them to other networking devices.
All the scenarios I’m covering in the workshop are available in my Github repository; to get the them explained you’ll have to attend the workshop. Enjoy!
One of my users couldn’t get the inter-VRF NAT to work after watching the DMVPN webinars (no real surprise there, the VRF lite concept is covered in more details in the Enterprise MPLS/VPN webinar) so I decided to write a short document describing the details.
After the fantastic Docker 101 webinar by Matt Oswalt a few people approached me saying “that was great, but we’d need something more on Docker networking”, and during one of my frequent chats with Dinesh Dutt he mentioned that he already had the slides covering that topic.
Problem solved… and Dinesh decided to do it as a free webinar (thank you!), so all you have to do is register. Hurry up, there are only 1000 places left ;)
Failure to use DNS, IP addresses embedded in the code, ignoring the physical realities (like bandwidth and latency)… the list of mistakes that eventually get dumped into networking engineer’s lap is depressing.
It’s easy to reach the conclusion that the people making those mistakes must be stupid or lazy… but in reality most of them never realized they were causing someone else problems because nobody told them so.
Read more ...After I completed the LAN-over-RS-232 project, it was obvious (well, not in retrospect) that the solution to every problem must be Z80 computers connected with some crazy RS-232 wiring. A few years later we had to write an application to support rally races. Guess what the solution was ;)