A while ago Christer Swartz explained how a Palo Alto firewall integrates with VMware NSX. In the meantime, Palo Alto announced integration with Cisco ACI and OpenStack, and it was time for another podcast with Christer deep-diving into the technical details of these integrations.
Spoiler: It’s not OpFlex. For more details, listen to Episode 53 of Software Gone Wild
It’s amazing how interesting questions come in batches: within 24 hours two friends asked me what I think about writing books. Here’s a summary of my replies (as always, full of opinions and heavily biased), and if you’re a fellow book author with strong opinions, please leave them in the comments.
Read more ...I’ve been telling you to build small-to-midsized data center with two switches for years ;) A few weeks ago I’ve turned the presentation I had on that topic into a webinar and the first video from that webinar (now part of Designing Private Cloud Infrastructure) is already public.
Long story short: I burned out last autumn and still haven’t recovered.
I managed to find a replacement instructor for three of my workshops, so I hope they’ll still take place. I’m also working on other ways of delivering them to whoever is interested in an interactive live session.
To all the people who wanted to meet me in Las Vegas: I’m really sorry I’ll miss you. Interop was always a great place for interesting conversations and awesome workshop audiences.
Some people conflate SDN with whitebox switches preferably running Linux. So what exactly is software-hardware disaggregation, and how do whitebox switches and third-party network operating systems fit into the bigger picture?
I tried to answer these questions in the SDN is not whitebox switching part of (free) Introduction to SDN webinar.
One of my readers sent me this question:
Considering I know nothing about anything SDN-related (and considering it seems "SDN" means something different depending to whom you are asking), where should someone with no knowledge of SDN start?
The obvious answer: sdn.ipSpace.net. On a more serious note:
Read more ...I had a great chat with Enno Rey the morning before Troopers 2016 started in which he he made an interesting remark:
I disagree with your idea of running BGP on servers because I think sysadmins shouldn’t be involved with routing.
As (almost) always, it turned out that we were still in violent agreement ;)
Read more ...Mr. A. Anonymous, frequent contributor to my blog posts left this bit of wisdom comment on the VMware NSX Update blog post:
I don't understand the statement that "whole NSX domain remains a single failure domain" because the 3 NSX controllers are deployed in the site with primary NSX manager.
I admit I was a bit imprecise (wasn’t the first time), but is it really that hard to ask oneself “what happens if the DCI link fails?”
Read more ...Imagine you want to have an IPv6-only access network and transport residual IPv4 traffic tunneled across it. Sounds great, but you need to terminate those tunnels and encapsulate/decapsulate IPv4 traffic at multi-gigabit rate.
There are plenty of reassuringly-expensive hardware solutions that can do that, or you could work with really smart people and get software-based solution that can do 20 Gbps per CPU core.
Read more ...I had a sweet problem with ipSpace.net webinars for quite a while: there are way more ideas than available time. However, a few days ago I stumbled upon a great tip on Trello blog and immediately decided to use it.
Result: list of future ipSpace.net webinars as a Trello board.
Read more ...This article was initially sent to my SDN mailing list. To register for SDN tips, updates, and special offers, click here.
Usman asked a few questions in his comment on my blog, including:
At the moment, local RIB gets downloaded to FIB and we get packet forwarding on a router. If we start evaluating too many fields (PBR) and (assume) are able to push these policies to the FIB - what would become of the FIB table size?
Short answer: It would explode ;)
Read more ...Almost a year ago I wrote a blog post explaining why I don’t think our future lies in becoming programmers. In the meantime, I found two interesting articles explaining the same idea from a programmer’s point-of-view:
Read more ...Salman left an interesting comment on my Running BGP on Servers blog post:
My prior counterparts thought running OSPF on Mainframes was a good idea. Then we had a routing blackhole due to misconfiguration on the server. Twice! The main issue was the Mainframe admins lack of networking/OSPF knowledge.
Well, there’s a reason OSPF is called Interior Routing Protocol.
Read more ...When someone starts complaining about networking device CLI, remind him that other parts of IT aren’t doing much better. For example, it’s oh-so-easy to install a package on Linux or OSX.
I spent the first half of the Introduction to SDN webinar explaining various attempts at defining SDN, and the obvious place to start was the centralized control plane mantra.
This part of the webinar is now public; to access the rest of the webinar, register on my web site.
Daniel Dib wrote a great series of BGP-related blog posts well worth reading.
Daniel is looking at BGP from the WAN/ISP perspective; if you want to know more about running BGP in the data center, watch the videos I recorded with Dinesh Dutt a few days ago.
The featured webinar in March 2016 is the Leaf-and-Spine Designs update to the Leaf-and-Spine Fabrics webinar, and in the featured videos (the ones marked with a star) you'll find in-depth explanation of BGP features available in Cumulus Linux, including a cool trick that allows you to run EBGP sessions across unnumbered interfaces.
Read more ...My latest spanning tree protocol (STP) posts generated numerous comments, some of them so relevant that I decided to summarize them into another blog post.
The unidirectional link scenario mentioned by Antonio is pretty well known:
Read more ...A while ago I guestimated that most private clouds don’t have more than a few thousand VMs, and that they don’t need more bandwidth than what two ToR switches could provide.
Last autumn Iwan Rahabok published a blog post describing the compute- and storage parts of it, and I had a presentation describing the networking aspects of high-density consolidation. However…
Read more ...After explaining the basics of BGP-LS and PCEP, and a quick deep dive into BGP-LS, Julian Lucek focused on the second topic of his excellent webinar and described the details of Path Computation Element Protocol (PCEP).