Given that my technical background is largely in the networking space (exhibit A, exhibit B, exhibit C(CIE)), one of the first things I tried to wrap my head around when being introduced to AWS is how networking works in the AWS cloud.
What I attempted to do was build a mental model by relating cloud networking constructs such as Virtual Private Cloud (VPC), subnets, and routing tables to on-prem, physical networking constructs. This worked pretty well but I did get tripped up at times because some of these constructs don’t map exactly one-for-one.
This post will explain the mental model I used while also calling attention to the elements or behaviors that don’t map exactly between on-prem and AWS.
The basis for building the model will be a single VM on-prem and a single compute instance in AWS. I’m going to build all the networking constructs around both of these elements, starting from the outer-most layers and working closer and closer to the VM/instance.
On the AWS platform there are no explicit building blocks for Layer 2 connectivity. There’s no “elastic virtual Continue reading
Practical OTV
————-
This post is all about OTV (Overlay Transport Virtualization) on the CSR1000v.
I wanted to create the post because there are a lot of acronyms and terminology involved.
A secondary objective was to have a “real” multicast network in the middle, as the examples I have seen around the web have used a direct P2P network for the DCI.
Instead, I wanted to have full multicast running in the SP core in order to gain a full understanding of the packet forwarding and encapsulation.
First off, let’s talk about the topology I will be using:
Datacenters:
————
We have 2 Datacenters, one represented by Site 1 and the other by Site 2.
In the middle, we have what is in all respects an SP provider network. In your environment, this may or may not be your own transport network.
In site 1, CSR-1 is our “server”; basically all that’s configured on it is an IP address (192.168.100.1/24) on its G1 interface.
SW-9 is our L2 switch, which is configured with 2 VLANs (Vlan 100 (SERVER-VLAN) and Vlan 900 (SITE-VLAN)). The port (e0/0) going to CSR-1 is configured as an access-port in Vlan 100.
The ports Continue reading
The bulk of attacks today are moving up the stack. They may be moving up the stack because app owners aren’t paying attention to their share of security in the cloud.
Not surprisingly it has been a busy 4 months in IoT, and IoT-related work in IETF has been buzzing right along. This post is intended to highlight some of these activities, and to provide a guide to relevant sessions scheduled during the upcoming IETF 103 meeting in Bangkok. Also check out the IETF Journal IoT Category, the IETF IoT page, the IETF IoT Directorate, the Internet Society’s IoT page, or the Online Trust Alliance IoT page for more details about many of these topics.
The IETF Hackathon, held on the weekend preceding the main IETF meeting (November 3-4, 2018), includes several projects directly related to IoT, with the possibility of more being added. Remote participation is available. More information is on the Hackathon wiki. Projects of interest (at the time of this writing) include those relating to:
The Thing-to-Thing Research Group (T2TRG), under the Internet Research Task Force (IRTF), investigates open research issues towards turning the promise of IoT into reality. The research group will be meeting on Tuesday afternoon Continue reading
The platform uses the MEF 63 Optical Transport Services specification focused on Layer 1 orchestration but is not intended as an end-to-end orchestrator.
A few years ago I got cornered by an enthusiastic academic praising the beauties of his cryptography-based system that would (after replacing the whole Internet) solve all the supposed woes we’re facing with BGP today.
His ideas were technically sound, but probably won’t ever see widespread adoption – it doesn’t matter if you have great ideas if there’s not enough motivation to implement them (The Myths of Innovation is mandatory reading if you’re interested in these topics).
Some workloads demand accelerated and predictable networking performance. Our Network Functions Virtualization (NFV) customers and some of our financial, media, and high-performance computing (HPC) customers deploy these workloads. These workloads process a lot of network traffic. Network traffic in the virtual domain relies heavily on CPU cycles and the number of CPU cores available on the host. These CPU resources are used by the workload to perform its task and by the hypervisor layer to deliver network traffic to and from the application.
In this blog, we discuss the configuration required to achieve accelerated data plane performance in modern multiple NUMA architecture hosts. This blog accompanies a new white paper we just released on the subject. The white paper can be found here.
With the introduction of NSX-T version 2.2, we added a new mode of operations in the NSX-controlled virtual distributed switch. We refer to this switch as N-VDS. This new mode is called Enhanced Data Path and is often indicated as N-VDS (E). N-VDS (E) is one of the core building blocks in achieving accelerated data plane Continue reading
At just shy of 200 million, Nigeria is the most populous country in Africa (Ethiopia is second and Egypt is third). That’s a lot of people to communicate with the world - and communicate they all do!
According to a published report earlier this year, 84% of the Nigerian population own a mobile device (193 million population and 162 million mobile subscriptions). Again, that’s #1 for any country in Africa. But why so connected? Maybe because Nigeria (and Lagos specifically) is always on the move!
Lagos, as those that know the city say, never sleeps; it’s filled with color, from the food to fashion to even the diverse people going about their business. The vibrancy of the city is like a hard slap to the face; no matter what you have been told, your first time here will still knock you out. In Lagos, anything is possible, from the sadness of poverty to the clearly visible upper class; the city sucks you in like a surfer’s dream wave. Visitors come into Lagos and leave feeling like they’ve been through a unique experience. The traffic is mind-blowing and the same goes for the work pace.
Lagos, a city always on Continue reading
Congratulations to the VMware NSX SD-WAN by VeloCloud team for its recognition as a Leader in the first Gartner Magic Quadrant for WAN Edge Infrastructure! The report is the first Magic Quadrant that includes evaluation of SD-WAN vendors, and to be named a leader with the position furthest on Completeness of Vision is quite an honor.
VeloCloud, now part of VMware, began with the idea to remedy branch networking issues because the networks of yesterday were optimized to haul traffic back to the datacenter, not to the cloud where applications of today are housed. SD-WAN has solved for this issue amongst a plethora of others, becoming a technology disruptor in a way that nothing else has been in decades.
SD-WAN has, in a very short period of time, transitioned from a networking “nice-to-have” to a necessary component of the network infrastructure. We’re excited to have Gartner recognize another key component of our rapidly growing networking portfolio and integral product in the VMware Virtual Cloud Network vision to provide the connectivity across cloud, data center, branches, end user, and applications regardless of where they will be used.
To download the 2018 Gartner Magic Quadrant on WAN Edge Infrastructure, click here.
Follow VMware NSX Continue reading
The Packet Pushers' Tech Bytes is a short, sponsored interview. Our sponsor is Silver Peak, and today's guest is swyMed, which makes a telemedicine backpack so first responders can videoconference with doctors and nurses from anywhere in the field. Silver Peak's SD-WAN mini-appliance helps enable connectivity and ensure a persistent, high-quality connection.
The post Tech Bytes: SwyMed And Silver Peak Partner On Telemedicine Backpack (Sponsored) appeared first on Packet Pushers.
Employees recently posted a blog protesting the company's plans to bid on the $10 billion, 10-year contract to provide cloud services for all branches of the military.
The work is part of a wider drive to develop 5G in India, boosted by the Centre of Excellence and Innovation Lab for 5G at the Indian Institute of Technology, which Ericsson established in Delhi in July.
Mostafa Ammar, out of Georgia Tech (not my alma mater, but many of my engineering family are alumni there), recently posted an interesting paper titled The Service-Infrastructure Cycle, Ossification, and the Fragmentation of the Internet. I have argued elsewhere that we are seeing the fragmentation of the global Internet into multiple smaller pieces, primarily based on the centralization of content hosting combined with the rational economic decisions of the large-scale hosting services. The paper in hand takes a slightly different path to reach the same conclusion.
The author begins by noting networks are designed to provide a set of services. Each design paradigm not only supports the services it was designed for, but also allows for some headroom, which allows users to deploy new, unanticipated services. Over time, as newer services are deployed, the requirements on the network Continue reading