Dell EMC Taps ADVA for On-Board VNF Portfolio
Riding on Dell EMC’s VEP4600, a universal CPE (uCPE), ADVA’s Ensemble Connector can consolidate...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Equinix Rolls Out Network Edge VNFs With Cisco, Juniper, and Palo Alto Networks
The VNFs are initially launching in five locations: London; Amsterdam; Singapore; California's...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Microsoft and Arista Cloud Decade
As we celebrate the 5thAnniversary of Arista’s IPO this week at NYSE, we pause to reflect on this key milestone. Arista’s results are a tribute to the customers who chose us, appreciated our innovative technology and stood by us through our highs and lows. One key customer who played a pivotal part in the decade was Microsoft. Microsoft coincidentally was destined to be a part of our journey since 2008 when we were searching for a new name for our company. Our top choice was Azure, but the domain name was taken just a few weeks before we started our naming effort. Since then, Microsoft redefined the public cloud with Azure and Arista has become a critical foundation to enabling the scale, reach, reliability, and performance that have become synonymous with the Azure cloud.
Generalize the Network-as-Graph Data Model
Remember the avoid duplicate data in network automation data models challenge and the restructuring we did to represent a network as a graph.
Well, I was not happy with the end result - I hated the complexity of supporting Jinja2 templates that had to check left- and right nodes of a link, so I generalized the data structure a bit, and all of a sudden I could model stub interfaces, P2P links and multi-access networks.
Campus design feature set-up : Part 4
In case you’ve missed the first three blogs, I’ve been showing you how to set up the CL 3.7.5 campus feature: Multi-Domain Authentication. This is a 6-part blog series and we’re officially past the half-way point.In blogs 1-3 we covered Wired 802.1x using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass. We’ll also have guides for Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE. So yes, we’ve got all the bases covered.
In this fourth guide, I’ll be sharing how to enable wired 802.1X authentication in Cumulus Linux 3.7.5+ using Cisco ISE (Identity Services Engine) 2.4 Patch 8.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Cisco ISE.
Cisco ISE Configuration:
1. Add a Cumulus Switch group to Cisco ISE:
First, we are going to add a Network Device Group to Cisco ISE:
Administration > Network Resources > Network Device Groups. Click the “+Add” button
Make sure to set the “Parent Group” to “All Device Types.” The result will look like the following:
2. Adding Continue reading
Huawei Exits Submarine Cable Business
The vendor inked a deal to sell its majority stake in Huawei Marine Systems, an undersea cable...
Copyright 2019 SDxCentral, LLC; For non-commercial use
When should you use IPv6 PA space?
I was reading RFC8475 this week, which describes some IPv6 multihoming ‘net connection solutions. This set me to thinking about when you should uses IPv6 PA space. To begin, it’s useful to review the concept of IPv6 PI and PA space.
PI, or provider independent, space, is assigned by a regional routing registry to network operators who can show they need an address space that is not tied to a service provider. These requirements generally involve having a specific number of hosts, showing growth in the number of IPv6 addresses used over time, and other factors which depend on the regional registry providing the address space. PA, or provider assigned, IPv6 addresses can be assigned by a provider from their PI pool to an operator to which they are providing connectivity service.
There are two main differences between these two kinds of addresses. PI space is portable, which means the operator can take the address space when them when they change providers. PI space is also fixed; it is (generally) safe to use PI space as you might private or other IP address spaces; you can assign them to individual subnets, hosts, etc., and count on them remaining the Continue reading
SDxCentral’s Top 10 Articles — May 2019
Thrangycat attacks Cisco routers, firewalls; Nutanix’s Sunil Potti Leaves for Google; and...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Infineon Will Pay $10B for Cypress in Latest Chip Deal
Cypress specializes in chips for connected devices. Buying the San Jose, California-based company...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Juniper Scores Deal to Power BT’s Unified Cloud Network, 5G
BT will use Juniper’s Contrail SDN, AppFormix monitoring software, and QFX Series ethernet...
Copyright 2019 SDxCentral, LLC; For non-commercial use
Link: Incompetent, privileged individuals are more likely to act smart — and get away with it
Self-belief and privilege combines to be 'move fast and break things' ?
The post Link: Incompetent, privileged individuals are more likely to act smart — and get away with it appeared first on EtherealMind.
The Week in Internet News: Germany Considers Banning Encryption on Chat Apps
Transparent chatting: The German Ministry of the Interior is considering new regulations that would ban end-to-end encryption on chat apps, The Register reports. The proposed rules would require operators of chat services to provide plain-text records of users’ chats under court order. Meanwhile, by saying it sometimes needs access to user communications, Facebook is creating a blueprint for German officials, Forbes says.
No, thanks: In other anti-encryption news, the U.K. Government Communications Headquarters, or GCHQ, has issued its own proposal to allow spy agencies to listen into chat and other encrypted communications. But U.S. tech companies, cryptography experts, and human rights groups, lined up in opposition to the proposal, notes Fortune. The Internet Society has also added its name to the letter.
Attacking encryption another way: Meanwhile, a new study suggests a quantum computer could break 2048-bit RSA encryption in about eight hours, reports the MIT Technology Review. The researchers “have found a more efficient way for quantum computers to perform the code-breaking calculations, reducing the resources they require by orders of magnitude.”
No need to ban encryption on the IoT: At the risk of this being too encryption-focused this week, we look at one more related story: Continue reading
Network Break 237: Standards Bodies About-Face On Huawei; Will China’s Military Dump Windows?
Today's Network Break podcast examines the latest twists in the Huawei vs. USA battle, speculates on China's threat to ban Windows from military computers, explores a new telemetry feature from Mellanox, discusses Google's moves to deprecate ad-blocking features in Chrome, and more tech news.
The post Network Break 237: Standards Bodies About-Face On Huawei; Will China’s Military Dump Windows? appeared first on Packet Pushers.
Tech Bytes: Network And Performance Monitoring With NetBeez (Sponsored)
Tech Bytes welcomes sponsor NetBeez to talk network and performance monitoring from the end user perspective. CEO and cofounder Stefano Gridelli talks about how NetBeez works, the tests it performs, and what customers are doing with it.
The post Tech Bytes: Network And Performance Monitoring With NetBeez (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Network And Performance Monitoring With NetBeez (Sponsored)
Tech Bytes welcomes sponsor NetBeez to talk network and performance monitoring from the end user perspective. CEO and cofounder Stefano Gridelli talks about how NetBeez works, the tests it performs, and what customers are doing with it.Grafana and Influx – Infrastructure Engineers Language
If you want to understand what Infra engineer speaks and use a tool provided by them you need to have some exposure to the tool itself, you don’t have to be an expert.
Monitoring systems that I see nowadays are mostly centric around Prometheus while the Database used for storing any time-series events is InfluxDB. How do you actually map beautifully, its via Grafana
Grafana – https://grafana.com/
Influxdb – https://www.influxdata.com/
Prometheus – https://prometheus.io/
Now the problem here is that many tools are programmed on a daily basis, from a Network Engineer point of view I understood a few things.
Not everything you need to know the end to end like an Expert for that tool and some choices is purely based on Cost than anything else.
How would you really understand this? I set up a BME680 sensor in my home and will precisely use Grafana and Influx to map the recordings
Tools Used
https://learn.adafruit.com/adafruit-bme680-humidity-temperature-barometic-pressure-voc-gas
Raspberry Pi 3
Docker Images – Grafana and Influx
Sample Influx Script – https://github.com/yukthr/auts/blob/master/random_programs/influx-test.py
And finally Beautiful Grafana
All of this is open source and are not hard after the invent of Docker. Give Continue reading
Know Thy Environment Before Redesigning It
A while ago I had an interesting consulting engagement: a multinational organization wanted to migrate off global Carrier Ethernet VPN (with routers at the edges) to MPLS/VPN.
While that sounds like the right thing to do (after all, L3 must be better than L2, right?) in that particular case they wanted to combine the provider VPN with Internet-based IPsec VPN… and doing that in parallel with MPLS/VPN tends to become an interesting exercise in “how convoluted can I make my design before I give up and migrate to BGP”.
Read more ...