Archive

Category Archives for "Networking"

What’s Your Biggest Professional Challenge?

Now that we are in a new year (wow, it is hard to believe it is 2018), I want to ask a simple question. With what you are trying to accomplish at work or in your career, what is your biggest challenge? Is it something only you can deal with or is it something that someone can help with? Would you consider this challenge a personal challenge for your own career goals, or is it a challenge that you are trying to solve to further your employer’s objectives?

For me the answer would be something like this–

  1. Biggest Professional Challenge–distractions
  2. Who can help with this–mostly me, but my employer certainly doesn’t help and probably doesn’t truly understand the efficiencies that could be gained.
  3. This is a personal challenge–but my employer could certainly reap the rewards if I could improve in this area.

I wouldn’t necessarily consider this my resolve for 2018. However, it is certainly an area that I will work hard to improve in this new year. 

What are your challenges? Maybe I could help. Maybe it could even be interesting enough to be a new distraction that steals all my attention and becomes a new area of complete Continue reading

2018: Advocacy and Action

Happy New Year!

2018 offers exciting promise and opportunity for the Internet Society and the work of our global community for a better Internet. We’ll continue the positive momentum we started in 2017, when we celebrated our 25 year milestone and strengthened our impact around the globe.

Thank you to all who joined us on this amazing journey.  Take a look back at many of last year’s highlights.

Our ongoing mission to protect and to shape the Internet for future generations is not an easy task. However, we are well positioned with the people, resources, and commitment from across our global community to be a bold, powerful force for change.

To carry forward our focus on access and trust as the two most pressing issues facing the Internet today, in 2018 we will execute our Action Plan that outlines our advocacy efforts in these areas with a detailed set of priorities for maximum impact. In addition, we will continue to extend our community and organization to build a stronger foundation for realizing our vision, and foster new initiatives that respond to today’s rapidly changing world.

While I have announced my plans to pass on the CEO baton once the Continue reading

VXLAN routing with EVPN: asymmetric vs. symmetric model

We all know and love EVPN as a control plane for VXLAN tunnels over a layer 3 infrastructure (Need a refresher? Check out our blog post on the topic). EVPN gives us the ability to deploy VXLAN tunnels without controllers. Plus, it offers a range of other benefits such as reduction of data center traffic through ARP suppression, quick convergence during mobility, one routing protocol for both underlay and overlay and the inherent ability to support multi-tenancy (just to name a few). So EVPN for VXLAN for all of your layer 2 needs, right? Well it’s a little more complicated than that.

Customers need to also communicate between VXLANs and between a VXLAN tunnel and the outside world, so VXLAN routing must also be enabled in the network — which is what I cover in this post. Previous generation merchant silicon does not internally support VXLAN routing, so customers implement a workaround — adding an external loopback cable, sometimes called hyperloop, to the switch. The newer chips that support VXLAN routing allow us to route directly on the ASIC, eliminating the need for the hyperloop.

VXLAN routing can be performed with one of two architectures – centralized or distributed. Continue reading

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

Secure your SDN controller

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here

The Humble API

Network Engineering and coding, like many other things in the information technology world, share overlapping concepts—even if we don’t often recognize the overlap because we are too busy making up new names to describe the same thing. For this week’s video, I turn my attention to the Application Programming Interface, or the API.

IDG Contributor Network: How IoT trackers can fight poachers

Sea turtles have been survived for millions of years, but now face extinction.  as poachers. How do you protect sea turtles eggs on remote, miles-long beaches in developing countries from poachers working in the dark?Global System for Mobile Communications, or GSM, enabled IoT trackers may provide an answer to this scourge.Background Poachers kill sea turtles for their shells and their eggs are considered a delicacy and aphrodisiac. Sad but true. The trade of sea turtle products is restricted, but that doesn’t stop poachers. Tracking this illegal trafficking is difficult. The transit routes and final destinations are unknown.Sea turtle products are the second most frequently trafficked wildlife product smuggled from Latin America to the US. Eggs are a quarter of illegal imports and most originate in Mexico or Central America. This trade is devastating to turtle populations. A recent shipment of a thousand turtle eggs that was intercepted at the Mexico/U.S. border represented nearly 5 percent of the year’s total egg production for the beach from which they were poached!To read this article in full, please click here

OpenStack SDN – OpenContrail With BGP VPN

Continuing on the trend started in my previous post about OpenDaylight, I’ll move on to the next open-source product that uses BGP VPNs for optimal North-South traffic forwarding. OpenContrail is one of the most popular SDN solutions for OpenStack. It was one of the first hybrid SDN solutions, offering both pure overlay and overlay/underlay integration. It is the default SDN platform of choice for Mirantis Cloud Platform, it has multiple large-scale deployments in companies like Workday and AT&T. I, personally, don’t have any production experience with OpenContrail, however my impression, based on what I’ve heard and seen in the last 2-3 years that I’ve been following Telco SDN space, is that OpenContrail is the most mature SDN platform for Telco NFVs not least because of its unique feature set.

During the time of production deployment at AT&T, Contrail has added a lot of features required by Telco NFVs like QoS, VLAN trunking and BGP-as-a-service. My first acquaintance with BGPaaS took place when I started working on Telco DCs and I remember being genuinely shocked when I first saw the requirement for dynamic routing exchange with VNFs. To me this seemed to break one of the main rules of cloud Continue reading

2017 in review and 2018 goals

Here we are – the first day of 2018 and Im anxious and excited to get 2018 off to a good start.  Looking back – it just occurred to me that I didn’t write one of these for last year.  Not sure what happened there, but Im glad to be getting back on track.  So let’s start with 2017…

2017 was a great year for me.  I started the year continuing my work at IBM with the Watson group.  About half way through the year (I think) I was offered the opportunity to transition to a role in the Cloud Networking group.  It was an opportunity I couldn’t pass up to work with folks whom I had an incredible amount of respect for.  So I began the transition and within 3 months had fully transitioned to the new team.  Since then, I’ve been heads down working (the reason for the lack of blog posts recently (sorry!)).  But being busy at work is a good thing for me.  For those of you that know me well you know that “bored Jon” is “not happy Jon” so Im in my own Continue reading

Enterprise Network on GNS3 – Part 5 – Data Center

The article is the fifth of the series of the articles discussing the enterprise network configuration. The article focus on the Data Center (DC) configuration. DC consists of the two devices - Server1 and the switch vIOS-Ser-I. Of course, the DC network with a single switch and the server is far away from any known DC network design. Typically, modern horizontally scaled large-size Layer 3 DCs consist of thousands of servers connected to the Top of Rack (ToR) l3 switches and they follow leaf and spine design. The DC of this size can be hardly emulated on a single PC. For this reason I only share the configuration of the Cisco L3 switch that is located in our DC. The switch is running Cisco vIOS-L2, version 15.2 and it has assigned 768MB RAM by GNS3.

The switch vIOS-Ser-I connects Ubuntu Linux Server to DC network. The configuration of the services such as bonding, NTP, DHCP, Syslog-ng, DNS and RADIUS running on the server is explained in more details later.

Picture 1 - Data Center

Note: The configuration file of the device vIOS-Serv-I is attached here.

1. Switch vIOS-Ser-I Configuration

Rather than explaining every line of the configuration, we Continue reading