Archive

Category Archives for "Networking"

Enterprise versus Provider?

Two ideas that are widespread, and need to be addressed—

FANG (read this hyper/web/large scale network operators) have very specific needs; they run custom-built single-purpose software in a very big scale. So all the really want/need are dumb boxes and smart people. … Enterprise have another view, they want smart boxes run by dumb people.

First, there is no enterprise, there are no service providers. There are problems, and there are solutions.

When I was young (and even more foolish than I am now) I worked for a big vendor. When this big vendor split the enterprise and service provider teams, I thought this kindof made sense. After all, providers have completely different requirements, and should therefore run with completely different technologies, equipment, and software. When I thought of providers in those days, I thought of big transit network operators, like AT&T, and Verizon, and Orange, and Level3, and Worldcom, and… The world has changed since then, but our desire to split the world into two neat halves has not.

If you want to split the world into two halves, split it this way: There are companies who consider the network an asset, and companies that consider the network a Continue reading

IDG Contributor Network: Are you ready for your building’s ‘Super Bowl’ of wireless demand?

Beyond the record-setting day of total offense generated in the Philadelphia Eagles' thrilling 41-33 win over the New England Patriots in Super Bowl 52, there was also a record 16.31 terabytes of Wi-Fi data used during the game, the most ever reported for a single-day, single-building event.While you probably won't have to worry about having almost 70,000 people show up at your building for the day, there are plenty of lessons for any big-building owner or operator to learn from how U.S. Bank Stadium in Minneapolis prepared for its "super" wireless stress test, and how you might better prepare for your own big-demand wireless days, whenever they might arrive.To read this article in full, please click here

5 things that will slow your Wi-Fi network

Wi-Fi is quite fickle. The contention between Wi-Fi devices and the dynamic communication medium of the airwaves makes it a sensitive technology with many settings and situations that can slow it down.And even if you aren’t using high-bandwidth devices and applications, faster Wi-Fi is always better.+RELATED: REVIEW: 5 top hardware-based Wi-Fi test tools; 802.11: Wi-Fi standards and speeds explained+To read this article in full, please click here

5 things that will slow your Wi-Fi network

Wi-Fi is quite fickle. The contention between Wi-Fi devices and the dynamic communication medium of the airwaves makes it a sensitive technology with many settings and situations that can slow it down.And even if you aren’t using high-bandwidth devices and applications, faster Wi-Fi is always better.+RELATED: REVIEW: 5 top hardware-based Wi-Fi test tools; 802.11: Wi-Fi standards and speeds explained+To read this article in full, please click here

Automation Isn’t About Building a Button to Press

This is a guest blog post by Carl Buchmann, Managing Solution Consultant at TeraMach. Carl attended the Building Network Automation Solutions online course in 2017.

There is one thing I regret not doing sooner during my automation journey, and that is adopting Git and a proper IDE/text editor that has built-in source control management. I personally use Microsoft Visual Studio Code, as it has Git built in and has many great extensions to validate code syntax.

Read more ...

Understanding IPv6: Link-Local ‘Magic’ (Part 2 of 7)

For those of you new to IPv6, what I am about to show you is going to look a lot like a magic trick. I’m going to bring up an IPv6 IGP neighbor relationship (OSPFv3) between two routers. This doesn’t sound like a magic trick, I know. But what if I told you I am going to do this without putting any IPv6 addresses into the configurations of either routers?

Like any true magician, I must start my magic act with letting you know I have nothing up my sleeves. So let’s review the facts:

  • IPv6 unicast routing is globally enabled on both routers
  • IPv6 OSPFv3 is enabled via the one global command, “ipv6 router ospf 6”
  • Each router has an interface in an out-of-band management network (OOB mgt.) in the subnet 14.14.14.0/24.
  • RouterA is 14.14.14.101 and RouterB is 14.14.14.102 in this OOB management network
  • The IPv4 addresses for the OOB management interfaces are the only IP addresses in the configurations
  • Gig1/0/1 on both routers only has only two IPv6 commands on it, as shown below
  • Router A is monitoring the gig1/0/1 interface and sending the traffic to a Spirent Continue reading

Understanding IPv6: Link-Local ‘Magic’ (Part 2 of 7)

For those of you new to IPv6, what I am about to show you is going to look a lot like a magic trick. I’m going to bring up an IPv6 IGP neighbor relationship (OSPFv3) between two routers. This doesn’t sound like a magic trick, I know. But what if I told you I am going to do this without putting any IPv6 addresses into the configurations of either routers?

Like any true magician, I must start my magic act with letting you know I have nothing up my sleeves. So let’s review the facts:

  • IPv6 unicast routing is globally enabled on both routers
  • IPv6 OSPFv3 is enabled via the one global command, “ipv6 router ospf 6”
  • Each router has an interface in an out-of-band management network (OOB mgt.) in the subnet 14.14.14.0/24.
  • RouterA is 14.14.14.101 and RouterB is 14.14.14.102 in this OOB management network
  • The IPv4 addresses for the OOB management interfaces are the only IP addresses in the configurations
  • Gig1/0/1 on both routers only has only two IPv6 commands on it, as shown below
  • Router A is monitoring the gig1/0/1 interface and sending the traffic to a Spirent Continue reading

Understanding IPv6: The Journey Begins (Part 1 of 7)

IPv6 and I met back in the early 2000s. I really didn’t see the big deal or know what all the RFCs were about. This stuff was easy. Of course, at the time, my thoughts were barely even scratching at the surface, and I still believed IPv6 was just IPv4 with 128 bits. I was in what I now refer to as the “Checklist IPv6” phase.

“Checklist IPv6” was actually a great place for me to start. I had to remember only a few things while I was configuring the routers. Then I could kick back and let the magic of routing protocols work. Voila, IPv6 addresses would show up in the routing table of some other router in the lab. Ping to confirm, and I was done.

IPv6 “I know nothing” phase

The quote “The more you know, the more you realize how much you don’t know. The less you know, the more you think you know,” is attributed to David T. Freeman. I discovered the truth of this as I began digging deeper. The trigger to this phase was when I realized that IPv6 was clearly not IPv4 with 128 bits. When did that happen? When Continue reading

Understanding IPv6: The Journey Begins (Part 1 of 7)

IPv6 and I met back in the early 2000s. I really didn’t see the big deal or know what all the RFCs were about. This stuff was easy. Of course, at the time, my thoughts were barely even scratching at the surface, and I still believed IPv6 was just IPv4 with 128 bits. I was in what I now refer to as the “Checklist IPv6” phase.

“Checklist IPv6” was actually a great place for me to start. I had to remember only a few things while I was configuring the routers. Then I could kick back and let the magic of routing protocols work. Voila, IPv6 addresses would show up in the routing table of some other router in the lab. Ping to confirm, and I was done.

IPv6 “I know nothing” phase

The quote “The more you know, the more you realize how much you don’t know. The less you know, the more you think you know,” is attributed to David T. Freeman. I discovered the truth of this as I began digging deeper. The trigger to this phase was when I realized that IPv6 was clearly not IPv4 with 128 bits. When did that happen? When Continue reading

Firepower FMC API – Initial Observations

As many of you know, I am not a developer but I do occasionally hack stuff together. This article is just some of the initial things I have learned working with the Firepower Management Console API.

A good place to start is the Firepower REST API Quick Start Guide. This can be found at the following URL.

Firepower REST API Quick Start Guide

One thing to note is that there is a recommendation to use a dedicated username for the API. I would go a step beyond that with a recommendation for testing and development. During development, I currently have a username for the FMC UI, a username for the API Explorer and a username for whatever tool I’m working with (Postman or a Python Scripts). The reason for the extra accounts is that logging in to any of the UI’s tends to generate a new token (and invalidate the old one). This causes a constant reauthentication to the Web Interfaces.

Here is a screenshot of Postman doing an initial authentication — Post to retrieve an access token.

Generate Token URL

https://<server-ip>/api/fmc_platform/v1/auth/generatetoken

Sending a post with basic authentication to the URL will produce an “x-auth-access-token”. This is good for 30 minutes Continue reading

Firepower FMC API – Initial Observations

As many of you know, I am not a developer but I do occasionally hack stuff together. This article is just some of the initial things I have learned working with the Firepower Management Console API.

A good place to start is the Firepower REST API Quick Start Guide. This can be found at the following URL.

Firepower REST API Quick Start Guide

One thing to note is that there is a recommendation to use a dedicated username for the API. I would go a step beyond that with a recommendation for testing and development. During development, I currently have a username for the FMC UI, a username for the API Explorer and a username for whatever tool I’m working with (Postman or a Python Scripts). The reason for the extra accounts is that logging in to any of the UI’s tends to generate a new token (and invalidate the old one). This causes a constant reauthentication to the Web Interfaces.

Here is a screenshot of Postman doing an initial authentication — Post to retrieve an access token.

Generate Token URL

https://<server-ip>/api/fmc_platform/v1/auth/generatetoken

Sending a post with basic authentication to the URL will produce an “x-auth-access-token”. This is good for 30 minutes Continue reading

Firepower FMC API – Initial Observations

As many of you know, I am not a developer but I do occasionally hack stuff together. This article is just some of the initial things I have learned working with the Firepower Management Console API.

A good place to start is the Firepower REST API Quick Start Guide. This can be found at the following URL.

Firepower REST API Quick Start Guide

One thing to note is that there is a recommendation to use a dedicated username for the API. I would go a step beyond that with a recommendation for testing and development. During development, I currently have a username for the FMC UI, a username for the API Explorer and a username for whatever tool I’m working with (Postman or a Python Scripts). The reason for the extra accounts is that logging in to any of the UI’s tends to generate a new token (and invalidate the old one). This causes a constant reauthentication to the Web Interfaces.

Here is a screenshot of Postman doing an initial authentication — Post to retrieve an access token.

Generate Token URL

https://<server-ip>/api/fmc_platform/v1/auth/generatetoken

Sending a post with basic authentication to the URL will produce an “x-auth-access-token”. This is good for 30 minutes Continue reading

Starting Today: NDSS Highlights the Best in Internet Security Research

You’ve undoubtedly heard about all sorts of Internet security vulnerabilities and incidents causing harm around the world, but the flip side of all that doom and gloom is all the promising efforts underway to create a more secure, private, and trusted Internet. Starting today and going through Wednesday (18-21 February), the Network and Distributed Systems Security (NDSS) Symposium takes place to present groundbreaking research in the world of Internet security.

This year marks the 25th anniversary of NDSS, and the Internet Society is proud to have been associated with it for over 20 years now. A key focus of the Internet Society has long been improving trust in the global open Internet. In order to promote this trust, we need new and innovative ideas and research on the security and privacy of our connected devices and the Internet that brings them together. NDSS is a top tier forum for highlighting this research.

NDSS 2018 is four full days featuring:

The Week in Internet News: Can Blockchain Improve IoT?

Blockchain merges with IoT? Could Blockchain technology help the Internet of Things become more resilient? IBM thinks so. The company is exploring ways to use Blockchain to build trust between devices and to accelerate transactions on the IoT. EETimes explores the issue.

Grand Theft IoT: Someone involved in the online community for the video game, “Grand Theft Auto: San Andreas” has spun up a new botnet made up of IoT devices, according to security firm Radware. For the price of $20, the botnet can supposedly launch a 300gbps Distributed Denial of Service attack, reports Motherboard.

AI on the rise: Nearly after of all CIOs have plans to implement artificial intelligence in the future, according to a recent Gartner survey. The IT research firm recommends that companies rolling out AI projects aim low to start, and focus augmenting workers instead of replacing them, according to a story on TechRepublic.

Where the jobs are: For a time, it appeared that actual deployments of Blockchain seemed to be lagging behind the buzz. But that appears to be changing, with Blockchain developers now in high demand, TechCrunch reports. Blockchain jobs are the second fastest growing category in the labor market, with 14 job openings Continue reading

Linux: To recurse or not

Linux and recursion are on very good speaking terms. In fact, a number of Linux command recurse without ever being asked while others have to be coaxed with just the right option. When is recursion most helpful and how can you use it to make your tasks easier? Let’s run through some useful examples and see.Easy recursion with ls First, the ls command seems like a good place to start. This command will only list the files and directories in the current or specified directory unless asked to work a little harder. It will include the contents of directories only if you add a -R option. It provides a -r option, but that option causes the listing to be in reverse order as shown below while -R delves into the various subdirectories.To read this article in full, please click here