Archive

Category Archives for "Networking"

MC-LAG

MC-Lag

 

Everyone  mostly know what MC-Lag does, for the benefit its a variant of LAG where the Down stream Devices share LAG interface on two Physical devices instead of One, I know its confusing let see a  sample topology

 

 

Vqfx1 will see the upstream as 1 ae1 instead of two different VMX devices, this has its own advantage and the entire discussion is something out of scope of this blog post.

 

Blog Post Goal – Demonstrate MC-Lag on VMX and Quickly highlight the options Common and different in MC-LAG, a ready reference for someone going for an exam or a implementation.

 

Take-Away’s

-> ICCP is the protocol between the nodes

 

  • Uses TCP/IP to replicates control plane and forwarding traffic between peers
  • One stand-by and one active (active responsible status control)
  • ICCP messages exchange configuration information to ensure both peers use correct LACP Parameters
  • ICL-PL (interface between Mx1 and Mx2 ex) supports Multiple MC-Lag Between the peers so its recommended to be a AE.

 

-> ICL-PL HA

 

  • A Keep-alive message is exchanged between MC-LAG peers which is recommended to be the management connection
  • If ICL-PL fails, keep alive is still through the management Continue reading

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources If you haven’t already, please read my prior two blogs on VMware Cloud on AWS: VMware SDDC with NSX Expands to AWS and VMware Cloud on AWS with NSX – Connecting SDDCs Across Different AWS Regions; also posted on my personal blog at humairahmed.com. The prior blogs provide a good intro and information of some of the functionality and... Read more →

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources

If you haven’t already, please read my prior two blogs on VMware Cloud on AWS: VMware SDDC with NSX Expands to AWS and VMware Cloud on AWS with NSX – Connecting SDDCs Across Different AWS Regions; also posted on my personal blog at humairahmed.com. The prior blogs provide a good intro and information of some of the functionality and advantages of the service. In this blog post I expand the discussion to the advantages of VMware Cloud on AWS being able to communicate with native AWS resources. This is something that would be desired if you have native AWS EC2 instances you want VMware Cloud on AWS workloads to communicate with or if you want to leverage other native AWS services like AWS S3 VPC Endpoint or RDS. Continue reading

How VMware’s vSAN provides the storage component for a hyper-converged data center.

VMware's vSAN (virtual SAN) architecture is designed to be a significant step into software-defined-computing, where the vSAN component is responsible for providing software-defined storage.Previously, systems architecture was one server containing its own compute, operating system, networking and storage. Virtualization abstracted this so that more than one OS could run per server, if still bound by captive network functionality, and storage.+See our review of vSAN 6.6+What is hyper-convergence? Hyper-convergence is the ability to abstract all of the components, be it the OS, storage, the network relationships a system has, and so forth. It’s the foundation of the software-defined-datacenter, distributed yet converged into a workload unit.To read this article in full, please click here

How VMware’s vSAN provides the storage component for a hyper-converged data center.

VMware's vSAN (virtual SAN) architecture is designed to be a significant step into software-defined-computing, where the vSAN component is responsible for providing software-defined storage.Previously, systems architecture was one server containing its own compute, operating system, networking and storage. Virtualization abstracted this so that more than one OS could run per server, if still bound by captive network functionality, and storage.+See our review of vSAN 6.6+What is hyper-convergence? Hyper-convergence is the ability to abstract all of the components, be it the OS, storage, the network relationships a system has, and so forth. It’s the foundation of the software-defined-datacenter, distributed yet converged into a workload unit.To read this article in full, please click here

Keeping your GDPR Resolutions

Keeping your GDPR Resolutions

For many of us, a New Year brings a renewed commitment to eat better, exercise regularly, and read more (especially the Cloudflare blog). But as we enter 2018, there is a unique and significant new commitment approaching -- protecting personal data and complying with the European Union’s (EU) General Data Protection Regulation (GDPR).

As many of you know by now, the GDPR is a sweeping new EU law that comes into effect on May 25, 2018. The GDPR harmonizes data privacy laws across the EU and mandates how companies collect, store, delete, modify and otherwise process personal data of EU citizens.

Since our founding, Cloudflare has believed that the protection of our customers’ and their end users’ data is essential to our mission to help build a better internet.

Keeping your GDPR ResolutionsImage by GregMontani via Wikimedia Commons

Need a Data Processing Agreement?

As we explained in a previous blog post last August, Cloudflare has been working hard to achieve GDPR compliance in advance of the effective date, and is committed to help our customers and their partners prepare for GDPR compliance on their side. We understand that compliance with a new set of privacy laws can be challenging, and we are here Continue reading

Keeping your GDPR Resolutions

Keeping your GDPR Resolutions

For many of us, a New Year brings a renewed commitment to eat better, exercise regularly, and read more (especially the Cloudflare blog). But as we enter 2018, there is a unique and significant new commitment approaching -- protecting personal data and complying with the European Union’s (EU) General Data Protection Regulation (GDPR).

As many of you know by now, the GDPR is a sweeping new EU law that comes into effect on May 25, 2018. The GDPR harmonizes data privacy laws across the EU and mandates how companies collect, store, delete, modify and otherwise process personal data of EU citizens.

Since our founding, Cloudflare has believed that the protection of our customers’ and their end users’ data is essential to our mission to help build a better internet.

Keeping your GDPR ResolutionsImage by GregMontani via Wikimedia Commons

Need a Data Processing Agreement?

As we explained in a previous blog post last August, Cloudflare has been working hard to achieve GDPR compliance in advance of the effective date, and is committed to help our customers and their partners prepare for GDPR compliance on their side. We understand that compliance with a new set of privacy laws can be challenging, and we are here Continue reading

Cisco to MikroTik – command translation – OSPF

In the world of network engineering, learning a new syntax for a NOS can be overwhelming if you need a specific set of config in a short timeframe. The command structure for RouterOS can be a bit challenging if you are used to Cisco CLI commands.

If you’ve been in networking for a while, there’s a good chance you started with Cisco gear and so it is helpful to draw comparisons between the commands, especially if you are trying to build a network with a MikroTik and Cisco router.

This is the second post in a series that creates a Rosetta stone essentially between IOS and RouterOS. We plan to tackle  other command comparisons like MPLS, VLANs and basic operations to make it easier for network engineers trained in Cisco IOS to successfully implement Mikrotik / RouterOS devices.

Click here for the first article in this series – “Cisco to MikroTik BGP command translation”

While many commands have almost the exact same information, others are as close as possible. Since there isn’t always an exact match, sometimes you may have to run two or three commands to get the information needed.

Using  EVE-NG for testing

In the last article, Continue reading

Cisco to MikroTik – command translation – OSPF

In the world of network engineering, learning a new syntax for a NOS can be overwhelming if you need a specific set of config in a short timeframe. The command structure for RouterOS can be a bit challenging if you are used to Cisco CLI commands.

If you’ve been in networking for a while, there’s a good chance you started with Cisco gear and so it is helpful to draw comparisons between the commands, especially if you are trying to build a network with a MikroTik and Cisco router.

This is the second post in a series that creates a Rosetta stone essentially between IOS and RouterOS. We plan to tackle  other command comparisons like MPLS, VLANs and basic operations to make it easier for network engineers trained in Cisco IOS to successfully implement Mikrotik / RouterOS devices.

Click here for the first article in this series – “Cisco to MikroTik BGP command translation”

While many commands have almost the exact same information, others are as close as possible. Since there isn’t always an exact match, sometimes you may have to run two or three commands to get the information needed.

Using  EVE-NG for testing

In the last article, Continue reading

IDG Contributor Network: China to block SD-WAN and VPN traffic by Jan. 11

A new Chinese policy going into effect next week, will have profound impact on businesses relying on Internet VPN or SD-WAN access within China.According to a notice from China Telecom obtained by SD-WAN Experts, the Chinese Government will require commercial Chinese ISPs to block TCP ports 80, 8080, and 443 by January 11, 2018. Port 80 is of course the TCP port commonly used for carrying HTTP traffic; 8080 and 443 are used for carrying HTTPS traffic. Commercial ISP customers interested in maintaining access to those ports must register or apply to re-open the port through their local ISP.  The news, first reported by Bloomberg July, was expected to be implemented by February, 2018. This is the first time a specific date has been provided for the action.To read this article in full, please click here

IDG Contributor Network: China to block SD-WAN and VPN traffic by Jan. 11

A new Chinese policy going into effect next week, will have profound impact on businesses relying on Internet VPN or SD-WAN access within China.According to a notice from China Telecom obtained by SD-WAN Experts, the Chinese Government will require commercial Chinese ISPs to block TCP ports 80, 8080, and 443 by January 11, 2018. Port 80 is of course the TCP port commonly used for carrying HTTP traffic; 8080 and 443 are used for carrying HTTPS traffic. Commercial ISP customers interested in maintaining access to those ports must register or apply to re-open the port through their local ISP.  The news, first reported by Bloomberg July, was expected to be implemented by February, 2018. This is the first time a specific date has been provided for the action.To read this article in full, please click here