IPv6 Is Tactical, NDN Is Strategic
Enterprises should limit their investment in IPv6, a tactical protocol that Named Data Networking will displace.
Organizations Need IT Experts Who Know Basic LAN/WAN Switching and Routing
As the network continues to evolve and change, IT professionals have to adapt and learn in order to keep up, and employers must find ways to verify that perspective.
The Week in Internet News: Startup Cash for Spy-o-T
Investing in hacking IoT: A startup in Israel has raised $12.5 million in investments to help governments hack the Internet of Things and other technologies, Forbes reports. What could go wrong? Toka says it’ll provide spy tools for whatever device its clients require, with a special focus on the IoT.
Encryption wars, part 348: U.S. FBI Director Christopher Wray says legislation allowing law enforcement agencies access to encrypted devices may be necessary if the government and private vendors cannot come to a compromise, Cyberscoop reports. The FBI has, for several years, complained that its investigations are hampered by encrypted devices, although many security experts say encryption backdoors will make us all less safe.
AI for good: More than 2,000 Artificial Intelligence experts have signed a pledge saying they will not participate in the development of legal, autonomous weapons systems, Gizmodo reports. Autonomous weapons posed a “clear and present danger to the citizens of every country in the world,” the pledge says.
Clamping down: The government in Iraq shut down the Internet for two days in response to protests there, CircleID says. The government ordered the disconnection of the fiber backbone that carries traffic for most of the country Continue reading
Cisco, Ciena, Huawei, and Nokia Lead Optical Vendors, IHS Says
IHS said that the top optical equipment vendors posted more than $1 billion in revenues last year. Worldwide, Huawei remains the market heavyweight.
Network Break 194: Amazon Spooks Switch Vendors; Big Switch Brings VPCs On Prem
Take a Network Break! Today we’re joined by guest John Fruehe. Amazon sent shock waves through the networking industry on rumors it might sell whitebox switches to the enterprise. The cloud giant says it has no current plans, but we examine other ways AWS might get into your network.
AWS adds EC2 instances to its Snowball edge storage device, and Big Switch Networks rolls out new software to enable VPC-like networking in your private data center.
A British government agency dings Huawei on national security, Deutsche Telekom joins Linux Foundation Networking, and Cato Networks adds identity routing to its SD-WAN offering.
Last but not least, Cisco releases more than two dozen security advisories, and Microsoft rakes in the money in its fourth quarter and fiscal 2018 financial reports.
Get links to all these news stories below.
Sponsor: Packet Pushers Ignition
The Packet Pushers have launched a brand new membership site called Ignition. Ignition offers free and premium memberships and hosts exclusive content for subscribers, including videos, reports, blogs, and more. Check it out at ignition.packetpushers.net.
Show Links:
Exclusive: Amazon denies it will challenge Cisco with switch sales – MarketWatch
Video: Amazon To Sell Whitebox ? Analysis and Thinking Because Continue reading
Network Monitoring in the Cloud: 3 Options
A look at ways network teams can keep an eye on network performance as enterprises connect to public cloud services.
Container Best Practices: Applying ‘Old’ Rules
The container craze may be new, but organizations can use some traditional IT practices to manage Linux container deployments.
How Smart Routing Enables Distributed Transformation For Remote Locations
Learn how smart routing can enable distributed transformation for even the most remote locations through session migration, duplication, and optimization.Juniper QFX | VMware NSX Edge Gateway | BGP Peering
In this post, I’m going to explain how to establish a BGP peering session between Juniper QFX Series Switches and VMware NSX Edge Service Gateway. VMware NSX provides many features and services, one of which is dynamic routing via the use of an ESG. Typically, ESGs are placed at the edge of your virtual infrastructure to act as a gateway. There are two primary deployment options, stateful HA or non-stateful ECMP. In this example, we’re looking at the ECMP deployment option.
Overview
We have a pair of Juniper QFX5110 switches that we will configure to enable EBGP peering with each NSX Edge Gateway. We also have a pair of NSX Edge Gateway devices that are placed at the edge of a virtualized infrastructure. Each QFX has a /31 point-to-point network to each ESG. These networks are enabled via 802.1q subinterfaces which provide connectivity across the underlying blade chassis interconnect modules.
Topology
IP | AS Deets
NSX
We’ll start by configuring BGP on our NSX Edge Gateways.
ESG1
Global Routing Configuration
Via global settings for ESG1, we need to set a Router ID. The router ID is used to identify from where a packet is received.
ESG1 > Manage > Continue reading
Overview of ipSpace.net Training Options
Describe the differences between various ipSpace.net training options has been on my to-do list for ages, but I successfully managed to ignore it till I deployed the new top-level menu that contains training category.
Our designers never considered menu items without a corresponding link, so I got an ugly mess that needed to be cleaned up either by fixing the CSS or writing the overview document.
End result: a high-level document describing how ipSpace.net webinars, courses and workshops fit into the bigger picture.
During the summer break, I’m publishing blog posts about the projects I’m working on. Regular blog posts will return in autumn.
Automating My World
I’ve told this story 984828934 time in the past year, but bear with me. We got a new director-type last year, and he has challenged all of us to do things differently. As in everything. Anything that we’re doing today should be done differently by next year. This isn’t saying that we’re doing things wrong. This is just a challenge mix things up, integrate new tools, and get rid of the noise. Our group has responded big-time, and we’re now doing most of our day-to-day tasks with a tool of some kind. A couple weeks ago, I realized that I did a whole day’s work without logging directly into any gear — everything was through a tool. It was a proud moment for me and the group.
To kick off this new adventure, we’re starting with writing all our own stuff in-house; we’re obviously not talking about a full, commercial orchestration deployment here. We’ve talking about taking care of the menial tasks that we are way too expensive to be doing. Simple tasks. Common tasks. Repeatable tasks. All game. What’s the MAC address of that host? Continue reading
MPLS Intro Series – Customer Connection with BGP
In the last article, we performed a packet walk of a simple VPNv4 network. This article will expand our deployment by allowing the CE_Sites to advertise their own routes via BGP. For this configuration, we will use some overlapping and some unique private AS numbers.
One thing that must be considered is whether or not the same BGP AS is used throughout a given VRF. For example, if we use 64512 at both CE_Site_1 and CE_Site_2 the BGP routes will be dropped as they are advertised toward the customer site. This is demonstrated by doing a simple configuration to advertise 1.1.1.1 from CE_Site_1.
CE_Site_1 BGP Configuration
interface Loopback0 description Loopback ip address 1.1.1.1 255.255.255.255 ! router bgp 64512 bgp log-neighbor-changes network 1.1.1.1 mask 255.255.255.255 neighbor 10.1.1.1 remote-as 1
PE1 vrf RED – BGP Configuration and Verification (success)
router bgp 1 ! no bgp default ipv4-unicast neighbor 20.20.20.20 remote-as 1 neighbor 20.20.20.20 update-source Loopback0 ! address-family vpnv4 neighbor 20.20.20.20 activate neighbor 20.20.20.20 send-community both exit-address-family ! address-family ipv4 vrf RED redistribute connected neighbor 10.1. Continue reading