Archive

Category Archives for "Networking"

2018: Advocacy and Action

Happy New Year!

2018 offers exciting promise and opportunity for the Internet Society and the work of our global community for a better Internet. We’ll continue the positive momentum we started in 2017, when we celebrated our 25 year milestone and strengthened our impact around the globe.

Thank you to all who joined us on this amazing journey.  Take a look back at many of last year’s highlights.

Our ongoing mission to protect and to shape the Internet for future generations is not an easy task. However, we are well positioned with the people, resources, and commitment from across our global community to be a bold, powerful force for change.

To carry forward our focus on access and trust as the two most pressing issues facing the Internet today, in 2018 we will execute our Action Plan that outlines our advocacy efforts in these areas with a detailed set of priorities for maximum impact. In addition, we will continue to extend our community and organization to build a stronger foundation for realizing our vision, and foster new initiatives that respond to today’s rapidly changing world.

While I have announced my plans to pass on the CEO baton once the Continue reading

VXLAN routing with EVPN: asymmetric vs. symmetric model

We all know and love EVPN as a control plane for VXLAN tunnels over a layer 3 infrastructure (Need a refresher? Check out our blog post on the topic). EVPN gives us the ability to deploy VXLAN tunnels without controllers. Plus, it offers a range of other benefits such as reduction of data center traffic through ARP suppression, quick convergence during mobility, one routing protocol for both underlay and overlay and the inherent ability to support multi-tenancy (just to name a few). So EVPN for VXLAN for all of your layer 2 needs, right? Well it’s a little more complicated than that.

Customers need to also communicate between VXLANs and between a VXLAN tunnel and the outside world, so VXLAN routing must also be enabled in the network — which is what I cover in this post. Previous generation merchant silicon does not internally support VXLAN routing, so customers implement a workaround — adding an external loopback cable, sometimes called hyperloop, to the switch. The newer chips that support VXLAN routing allow us to route directly on the ASIC, eliminating the need for the hyperloop.

VXLAN routing can be performed with one of two architectures – centralized or distributed. Continue reading

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

The Humble API

Network Engineering and coding, like many other things in the information technology world, share overlapping concepts—even if we don’t often recognize the overlap because we are too busy making up new names to describe the same thing. For this week’s video, I turn my attention to the Application Programming Interface, or the API.

IDG Contributor Network: How IoT trackers can fight poachers

Sea turtles have been survived for millions of years, but now face extinction.  as poachers. How do you protect sea turtles eggs on remote, miles-long beaches in developing countries from poachers working in the dark?Global System for Mobile Communications, or GSM, enabled IoT trackers may provide an answer to this scourge.Background Poachers kill sea turtles for their shells and their eggs are considered a delicacy and aphrodisiac. Sad but true. The trade of sea turtle products is restricted, but that doesn’t stop poachers. Tracking this illegal trafficking is difficult. The transit routes and final destinations are unknown.Sea turtle products are the second most frequently trafficked wildlife product smuggled from Latin America to the US. Eggs are a quarter of illegal imports and most originate in Mexico or Central America. This trade is devastating to turtle populations. A recent shipment of a thousand turtle eggs that was intercepted at the Mexico/U.S. border represented nearly 5 percent of the year’s total egg production for the beach from which they were poached!To read this article in full, please click here

OpenStack SDN – OpenContrail With BGP VPN

Continuing on the trend started in my previous post about OpenDaylight, I’ll move on to the next open-source product that uses BGP VPNs for optimal North-South traffic forwarding. OpenContrail is one of the most popular SDN solutions for OpenStack. It was one of the first hybrid SDN solutions, offering both pure overlay and overlay/underlay integration. It is the default SDN platform of choice for Mirantis Cloud Platform, it has multiple large-scale deployments in companies like Workday and AT&T. I, personally, don’t have any production experience with OpenContrail, however my impression, based on what I’ve heard and seen in the last 2-3 years that I’ve been following Telco SDN space, is that OpenContrail is the most mature SDN platform for Telco NFVs not least because of its unique feature set.

During the time of production deployment at AT&T, Contrail has added a lot of features required by Telco NFVs like QoS, VLAN trunking and BGP-as-a-service. My first acquaintance with BGPaaS took place when I started working on Telco DCs and I remember being genuinely shocked when I first saw the requirement for dynamic routing exchange with VNFs. To me this seemed to break one of the main rules of cloud Continue reading

2017 in review and 2018 goals

Here we are – the first day of 2018 and Im anxious and excited to get 2018 off to a good start.  Looking back – it just occurred to me that I didn’t write one of these for last year.  Not sure what happened there, but Im glad to be getting back on track.  So let’s start with 2017…

2017 was a great year for me.  I started the year continuing my work at IBM with the Watson group.  About half way through the year (I think) I was offered the opportunity to transition to a role in the Cloud Networking group.  It was an opportunity I couldn’t pass up to work with folks whom I had an incredible amount of respect for.  So I began the transition and within 3 months had fully transitioned to the new team.  Since then, I’ve been heads down working (the reason for the lack of blog posts recently (sorry!)).  But being busy at work is a good thing for me.  For those of you that know me well you know that “bored Jon” is “not happy Jon” so Im in my own Continue reading

Enterprise Network on GNS3 – Part 5 – Data Center

The article is the fifth of the series of the articles discussing the enterprise network configuration. The article focus on the Data Center (DC) configuration. DC consists of the two devices - Server1 and the switch vIOS-Ser-I. Of course, the DC network with a single switch and the server is far away from any known DC network design. Typically, modern horizontally scaled large-size Layer 3 DCs consist of thousands of servers connected to the Top of Rack (ToR) l3 switches and they follow leaf and spine design. The DC of this size can be hardly emulated on a single PC. For this reason I only share the configuration of the Cisco L3 switch that is located in our DC. The switch is running Cisco vIOS-L2, version 15.2 and it has assigned 768MB RAM by GNS3.

The switch vIOS-Ser-I connects Ubuntu Linux Server to DC network. The configuration of the services such as bonding, NTP, DHCP, Syslog-ng, DNS and RADIUS running on the server is explained in more details later.

Picture 1 - Data Center

Note: The configuration file of the device vIOS-Serv-I is attached here.

1. Switch vIOS-Ser-I Configuration

Rather than explaining every line of the configuration, we Continue reading

General – Taking the Long Road

As we start the new year, I started thinking about something. Why do people think it’s acceptable to take shortcuts in their IT career? Is it because people don’t see the true effect of their work? Or is the cheating as prevalent in law and medicine but we working in IT aren’t aware of it?

Trust me, I understand that some people live really tough lives, they want to put food on the table for their family, find a better living, perhaps start a new life in a new country. The competition is fierce. Some countries have more engineers coming out of universities every year than we have people living in Sweden.

The thing is though, if you cheat your way to a CCIE, sooner or later you will be caught. But regardless of that. How would you feel if a power plant goes down due to your mistake? Having a heart monitoring unit fail because of your mistake? Having people’s private information leaked due to your mistake? We all make mistakes but we shouldn’t be making them because we pretend that we are something that we aren’t, experts. Networking is a critical part of everyones life now. Most of Continue reading

2018 Is The Year Of Writing Everything

Welcome back to a year divisible by 2! 2018 is going to be a good year through the power of positive thinking. It’s going to be a fun year for everyone. And I’m going to do my best to have fun in 2018 as well.

Per my tradition, today is a day to look at what is going to be coming in 2018. I don’t make predictions, even if I take some shots at people that do. I also try not to look back to heavily on the things I’ve done over the past year. Google and blog searches are your friend there. Likely as not, you’ve read what I wrote this year and found one or two things useful, insightful, or amusing. What I want to do is set up what the next 52 weeks are going to look like for everyone that comes to this blog to find content.

Wearing Out The Keyboard

The past couple of years has shown me that the written word is starting to lose a bit of luster for content consumers. There’s been a bit push to video. Friends like Keith Townsend, Robb Boardman, and Rowell Dionicio have started making more video Continue reading