Archive

Category Archives for "Networking"

Episode 15 – Characteristics of a Well Run Network

In episode 15, Pete Welcher and Chris Kane join us to talk about what exactly characterizes a well run network. Is it great documentation? Is it consistent application of best practices? Maybe it’s process and procedure? Join our guests, and the decades of experience they bring, as they sit around the virtual roundtable to share their thoughts on the topic.

 

Show Notes

Design

  • Keep it simple. Just because you can, doesn’t mean you should
  • Complexity is not just a networking attribute, it’s an overall system attribute
  • Proper design leads to simplicity (most of the time)
  • What technologies are simple? How do you recognize complexity? Is vendor lock-in one indicator? Network management software / API lock-in another growing one?
  • There are some pretty simple campus/user, datacenter, Internet Edge, and WAN approaches Big organizations can handle and may need a bit more complexity — or not
  • Modularity- too many moving parts that have to work together = complex

Operations

  • Transparent Network. It just works
  • Able to easily implement changes
  • Agnostic to both today’s needs and flexible to absorb tomorrow’s needs
  • Up-to-date diagrams and documentation matter
    • Organized around OSI layers
    • Documented naming conventions with fixed fields
    • MTTR e.g. from NetMRI and Continue reading

Episode 15 – Characteristics of a Well Run Network

In episode 15, Pete Welcher and Chris Kane join us to talk about what exactly characterizes a well run network. Is it great documentation? Is it consistent application of best practices? Maybe it’s process and procedure? Join our guests, and the decades of experience they bring, as they sit around the virtual roundtable to share their thoughts on the topic.

 

Show Notes

Design

  • Keep it simple. Just because you can, doesn’t mean you should
  • Complexity is not just a networking attribute, it’s an overall system attribute
  • Proper design leads to simplicity (most of the time)
  • What technologies are simple? How do you recognize complexity? Is vendor lock-in one indicator? Network management software / API lock-in another growing one?
  • There are some pretty simple campus/user, datacenter, Internet Edge, and WAN approaches Big organizations can handle and may need a bit more complexity — or not
  • Modularity- too many moving parts that have to work together = complex

Operations

  • Transparent Network. It just works
  • Able to easily implement changes
  • Agnostic to both today’s needs and flexible to absorb tomorrow’s needs
  • Up-to-date diagrams and documentation matter
    • Organized around OSI layers
    • Documented naming conventions with fixed fields
    • MTTR e.g. from NetMRI and Continue reading

Linux command line tools for working with non-Linux users

I spend most of my computing life in the Shell (command line, terminal or whatever you want to call it on your platform of choice). This can be a bit challenging, though, when I need to work with large groups of other people, especially in big enterprise companies that — well — use anything but the Shell.The problems that crop up are made worse when other people within your company use a different platform than you. I tend to use Linux. If I’m doing a lot of my daily work from a Linux terminal and the bulk of my co-workers use Windows 10 (entirely from the GUI side), things can get … problematic.Also on Network World: 11 pointless but awesome Linux terminal tricks Luckily, over the past few years, I’ve figured out how to deal with these problems. I’ve found ways to make using a Linux (or other Unix-like systems) Shell much more doable within a non-Unix, corporate environment. These tools/tips apply equally well for SysAdmins working on a company’s servers as they do for developers or marketing people.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Giving thanks to your data center manager

What do the peaking colors of fall foliage, the nighttime appearance of the hunter’s moon, and escalating college football and NFL rivalries indicate? That autumn has officially arrived, and Thanksgiving is right around the corner.Thanksgiving is primarily associated with family and friends gathering together, enjoying an uncomfortable amount of turkey, stuffing and pumpkin pie, and then lapsing into a tryptophan and sugar-induced state of semi-consciousness. While Americans may also associate Thanksgiving with the Plymouth colonists and Wampanoag Indians, the holiday actually spans cultures, continents and millennia. In ancient times, the Egyptians, Greeks and Romans all feasted and paid tribute to their deities as an annual celebration of the harvest and its bounty.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Giving thanks to your data center manager

What do the peaking colors of fall foliage, the nighttime appearance of the hunter’s moon, and escalating college football and NFL rivalries indicate? That autumn has officially arrived, and Thanksgiving is right around the corner.Thanksgiving is primarily associated with family and friends gathering together, enjoying an uncomfortable amount of turkey, stuffing and pumpkin pie, and then lapsing into a tryptophan and sugar-induced state of semi-consciousness. While Americans may also associate Thanksgiving with the Plymouth colonists and Wampanoag Indians, the holiday actually spans cultures, continents and millennia. In ancient times, the Egyptians, Greeks and Romans all feasted and paid tribute to their deities as an annual celebration of the harvest and its bounty.To read this article in full or to leave a comment, please click here

IBM’s latest private cloud is built on Kubernetes, and is aimed at Microsoft

IBM today announced a new version of its private cloud platform that supports the popular open source application container platform Kubernetes.IBM Cloud Private gives customers an option to deploy applications on to the private cloud software in three ways: Either through Kubernetes, through the container management platform Cloud Foundry, or through traditional virtual machines. IBM says the private cloud management software also allows customers to run other legacy apps in containers and connect them to off-premises resources.+MORE AT NETWORK WORLD: What is hybrid cloud computing? +To read this article in full or to leave a comment, please click here

RIPE 75: IoT & Routing Security

RIPE 75 was held on 22-26 October 2017 in Dubai, United Arab Emirates, and was the second time the meeting has come to the Middle East. 483 participants from 54 countries including 175 newcomers came together to discuss operational issues and share expertise about the Internet, with a particular focus on the RIPE region that covers Europe, the Middle East and Central Asia.

Jan Žorž and Kevin Meynell from the Deploy360 team, along with Salam Yamout from the Middle East Bureau were also actively involved in the launch of a new Internet-of-Things Working Group, hosting a Routing Security BoF, and raising awareness of IRTF work on Human Rights Protocol Considerations.

The BoF session on ‘Internet Routing Health’ was organised by the Internet Society, and chaired by Jan and Benno Overreinder (NLnet Labs). The BoF attracted 20 participants variously drawn from commercial network operators and cloud providers, Regional Internet Registries (RIRs), and academia, with the aim of discussing ideas for measuring the health of the Internet routing system in order to obtain empirical data to strengthen the case for collaborative routing security.

The IoT session aimed to build on the RIPE IoT Roundtable meeting that was held on 21 September 2017 in Leeds, UK, and Continue reading

Quick Facts on EIGRP

Today, i am going to discuss about the one of the important Cisco routing protocol in many of the enterprise domain network. EIGRP is now open source routing protocol and can be used by any vendor.

The Protocol is initially Cisco Propriety  protocol but later on Cisco announces this protocol as open standard protocol and is now used in any of the routers ( It can be Juniper, Huawei, HP or any other ). 

There are lot of interesting facts around the EIGRP protocol, Some says it is Link state routing protocol and some says it is distance vector routing protocol. Well it is a Hybrid routing protocol. I am expecting you guys know about the fact of Distance Vector routing protocol and also know about the features and working of the Link State routing protocols.


I already wrote about the distance vector routing protocol and Link State routing protocol below is the link for your reference


Now talk about the distance vector routing protocol.Whenever there is discussion on Distance vector routing protocol then there are two protocols and they are RIP ( Routing Information Protocol ) and IGRP Continue reading

ROCA: Encryption vulnerability and what to do about it

Researchers recently discovered a dangerous vulnerability – called ROCA – in cryptographic smartcards, security tokens, and other secure hardware chips manufactured by Infineon Technologies. These articles on Ars Technica and The Register give a good background.

Is this a serious problem?

Yes. It’s serious in practice and in principle. Infineon used a flawed key generation routine, which means those keys are easier to crack, and the routine is used in chips embedded in a wide variety of devices. It’s reckoned that the flawed routine has been in use since 2012 and has probably been used to generate tens of millions of keys. Naturally, many of those keys will have been generated precisely because someone had data or resources that they particularly wanted to secure.

It’s serious because a flawed implementation managed to get through all the development and standardisation processes without being spotted, and has been widely deployed on mass-market devices.

What’s the flaw, and why does it cause a problem?

The flaw affects keys generated for the RSA and OpenPGP algorithms, both of which are public key crypto systems. Public key cryptography is based on pairs of keys, one of which is made public and the other kept private:

Enterprise Network on GNS3 – Part 3 – Distribution and Core Layers

This is the third from the series of the articles that discuss configuration of the entire enterprise network. The article focuses on the configuration of the distribution and core switches. The distribution layer consists of two multilayer switches vEOS-DIS-I and vEOS-DIS-II. The switches are Arista vEOS version 4.17.2F Qemu appliances installed on VMware disks. Each appliance has assigned 1536 MB RAM.

The distribution switches route traffic between end user VLANs and they connect the lower layer network to a Core layer. The layer 3 (routed) interfaces connect both distribution switches to each other and to the Core switches.  The interfaces toward the Access layer are layer 2 (switchports). The OSPF routing protocol is running on the distribution switches so there is only l3 connectivity between distribution and core layer.

Picture 1 - Distribution and Core Layers of Enterprise Campus Network

Note: The configuration files of the distribution switches are: vEOS-DIS-I and  vEOS-DIS-II.

The core layer consists of the switches vIOS-Core-I and vIOS-Core-II. These are the Cisco vIOS-l2 Qemu appliances on qcow2 disks, version 15.2. Each switch has assigned 768 MB RAM by GNS3. The core layer is completely layer3. It si connected to the lower Continue reading

All Of Ethan’s Podcasts And Articles For October 2017

Here’s a catalog of all the media I produced (or helped produce) in October 2017. I’ve decided to add some content summaries so that you have good incentive to give some of the podcasts a listen if they tickle your fancy.

PACKET PUSHERS WEEKLY PODCAST

PRIORITY QUEUE PODCAST

All Of Ethan’s Podcasts And Articles For October 2017

Here’s a catalog of all the media I produced (or helped produce) in October 2017. I’ve decided to add some content summaries so that you have good incentive to give some of the podcasts a listen if they tickle your fancy.

PACKET PUSHERS WEEKLY PODCAST

PRIORITY QUEUE PODCAST

Worth Reading: Hack it back is a bad idea

If there were a prize for the worst cybersecurity policy idea that just won’t die, it would have to go to “hacking back,” or making it legal for people to attack the computers that are attacking them. This idea has been around for years, which means that for years, people have been warning that this is a very bad idea—it’s not the first time I’ve written about this topic myself. But it’s a strangely persistent piece of policy, regardless of the fact that it’s been condemned by just about everyone, including law enforcement, and openly endorsed by almost no one. —Josephine Wolff @ Slate

1 1,473 1,474 1,475 1,476 1,477 3,347