Archive

Category Archives for "Networking"

Perfect locality and three epic SystemTap scripts

In a recent blog post we discussed epoll behavior causing uneven load among NGINX worker processes. We suggested a workaround - the REUSEPORT socket option. It changes the queuing from "combined queue model" aka Waitrose (formally: M/M/s), to a dedicated accept queue per worker aka "the Tesco superstore model" (formally: M/M/1). With this setup the load is spread more evenly, but in certain conditions the latency distribution might suffer.

After reading that piece, a colleague of mine, John, said: "Hey Marek, don't forget that REUSEPORT has an additional advantage: it can improve packet locality! Packets can avoid being passed around CPUs!"

John had a point. Let's dig into this step by step.

In this blog post we'll explain the REUSEPORT socket option, how it can help with packet locality and its performance implications. We'll show three advanced SystemTap scripts which we used to help us understand and measure the packet locality.

A shared queue

The standard BSD socket API model is rather simple. In order to receive new TCP connections a program calls bind() and then listen() on a fresh socket. This will create a single accept queue. Programs can share the file descriptor - pointing

OpenStack now featured in Cumulus in the Cloud

First of all, we’re thrilled to announce that today we launched OpenStack with Cumulus in the Cloud. That means that you can now test out Cumulus Networks technology with an OpenStack environment easily and at zero cost to you.

I’ve written previously about Cumulus In The Cloud (CitC) when we first released it a month ago with Mesos as the initial release flavor. Since then, JR Rivers and his team have been diligently working on adding additional flavors to the CitC offering. I could not have been happier to hear the good news that they had integrated an OpenStack solution with the cloud testing framework.

I immediately launched my own free instance of Cumulus in the Cloud using the standard steps. I was greeted with a new option where I could pick the flavor of CitC I wanted to initiate:

Since I had already experimented with Mesos, I was eager to tinker with OpenStack to better learn this technology.

To be upfront, I am not an OpenStack expert. I have been diligently learning it over the past six months ever since a majority of my customer engagements have involved private cloud deployments leading with OpenStack. As a network engineer first,

Introduction to Point to Point Authentication : PAP and CHAP protocols

Today I am going to talk about PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). So let's talk about PAP and CHAP one by one.

PAP and CHAP are among the basic and most important topics for CCNA candidates or freshers who are going to work on point-to-point networks.

Before we start with the PAP and CHAP protocols, I would like to tell you that PAP and CHAP are the authentication procedures in point-to-point networks. So if you are using point-to-point networks in your architecture, you should opt for the PAP or CHAP protocol as per the design required.

Below is the example showing the pictorial representation where we are defining the acceptance and the refusal of the connection in both the cases.

PAP - Password Authentication Protocol
So PAP is a password-based authentication protocol used by the Point-to-Point Protocol (PPP) to validate users. PAP is generally considered a very basic two-way process. There is no encryption. The username and password are sent in plain text. If they are accepted, the connection is allowed.

The authentication phase of a PPP session is optional. If used, you can authenticate the

Introduction to ACI Multi-Site Fabric Design Network

In my earlier post I talked about the ACI stretched fabric and ACI multi-pod fabric designs with single and multiple APIC clusters. Now I am going to talk about the basics of the Cisco ACI Multi-site fabric design network in this article. If you want to have a look at my earlier article, please go through the link mentioned below and review it before we start with the Cisco ACI multi-site fabric network design.

Introduction to Cisco ACI stretched fabric and ACI Multi-pod Fabric Designs

So in short, you now understand the Cisco single-pod, Cisco ACI stretched fabric and Cisco ACI multi-pod fabric designs. Now we are going to talk about the next level of the Cisco ACI deployment model, and this model is called the Cisco ACI Multi-site fabric design.

Cisco ACI Multi-site Fabric Network Design
Making more innovation in Cisco ACI with the APIC 2.0 release, Cisco said that a Multi-Site design is the architecture interconnecting multiple APIC cluster domains with their associated pods.

A Multi-Site design could also be called a Multi-Fabric design, because it interconnects separate availability zones (fabrics), each deployed either as a single pod or multiple pods (a Multi-Pod design). Below is

Introduction to Cisco ACI stretched fabric and ACI Multi-pod Fabric Designs

Today I am going to talk about Cisco ACI, where Cisco is providing two different solutions. One solution is Cisco ACI Multi-pod and the other solution is named Cisco ACI Multi-Site design or architecture.

Before the Cisco ACI multi-pod environment, we were doing the ACI stretched fabric design, but then Cisco came up with the solution called Cisco ACI multi-pod.

What is Cisco ACI Multi-pod?
Well, ACI multi-pod is a kind of ACI stretched fabric design with more benefits and features. In simple words, we can say that ACI multi-pod is multiple ACI fabrics under the control of a single management or administration.

What is the key difference between ACI stretched fabric design and ACI multi-pod?
Let's talk about the ACI stretched fabric design. Let us suppose we have two ACI fabric designs where we have Spine-Leaf architecture. One is ACI-I and the other is ACI-II. If you connect the leaf switches of ACI-I with the spine switches of ACI-II and the leaf switches of ACI-II with the spine switches of ACI-I, that makes an ACI stretched fabric design. The diagram below shows the best way of Cisco ACI stretched fabric design between three ACI fabric networks.

General – Advice on Numbering Policies in Networking

There are several situations where we need to write some form of policy such as QoS, routing policies used in for example redistribution, filtering and policy-based routing, dot1x and so on. Lately I had to update a policy used by the master controller (MC) in an IWAN design. What are some important things to consider when writing the policy?

The number to start with – If you start with the number one then it won’t be possible to insert anything above this line at a later time. How certain are you that you will never have to put anything before the starting line? My recommendation is to start with a higher number such as 100.

Space between each line – Don’t number your lines 100, 101, 102, 103 and so on. Leave some more space between each line in case you have to insert something later between two lines. A spacing of 10 should be fine for most situations.

Go from most granular to least granular – The policy should go from as granular as possible to the least granular at the end. If you have a statement that is too broad you may catch more than you expected even

Introduction to Next Generation Network Technology: IOT- Internet Of Things

Today I am going to talk about the next generation technology where we connect many infrastructure and electronic things that are controlled and managed by a single user or a group of users. IOT is now in demand in many enterprises, schools, hospitals, factories and many other places. IOT helps ease work with the help of the latest technology.

IOT is the new technology where we automate various appliances, electronic and electric, to make this world better. A thing, within the Internet of Things, can be someone with a heart monitor implant, a farm animal with a biochip transponder, a car that has built-in sensors to alert the driver when tire pressure is low -- or any other natural or man-made item that can be assigned an IP address and provided with the capacity to transfer data over a network.

The IoT permits objects to be sensed and managed remotely across existing network infrastructure, creating opportunities for more direct integration of the physical world into computer-based systems, and resulting in improved efficiency, accuracy and financial advantage.

What is the Basic Purpose of IOT? How will it be helpful for my Business?

The Use of the Asymmetric routing

Today I am going to talk about the concept of asymmetric routing and what the purpose of asymmetric routing is in detail. In simple words, asymmetric routing is when a packet takes one path to the destination and takes another path when returning to the source. It can be used for manual purposes where we want the sending and the receiving paths to be different.

Asymmetric routing is common within most networks, i.e. the larger the network, the more likely there is asymmetric routing in the network. Asymmetric routing is an undesirable situation for many network devices, including firewalls, VPNs, and load balancer appliances. These devices all rely on seeing every packet to function properly.

Below is the example showing asymmetric routing, where we have two different paths for sending and receiving the packets, or you can say the traffic flow paths are different for sending and receiving the packets. In the below topology, you can see that Site A is sending the traffic to the internet via the Primary Router, then to the ASA and then to the internet Router, while receiving from the Internet router, then the secondary router and then to Site A via the MPLS cloud. So this

Hive Mind, Help Me Out with A10 AXAPI?

Dear Internet,

I am writing some automation code in Go to create client-ssl templates on an A10 load balancer running AXAPI version 2. It’s going as swimmingly as it can with the v2 API, but one area of non-complete API coverage has led to another issue and I’m wondering if anybody has seen the same thing.

Background – Disabling SSLv3

SSL access to VIPs on the A10 load balancer is controlled by means of client-ssl templates which define which certificates should be presented and the ciphers and protocols supported for the incoming connection. In this case therefore, disabling SSLv3 is accomplished in the client-ssl template (unfortunately there is no global switch to turn SSLv3 off by default). A typical template might look like this in the configuration:

slb template client-ssl mytemplate
   cert my_certificate
   key my_private_key
   chain-cert some_chain_cert
   disable-sslv3
!

As it turns out, all aspects of the client-ssl template are exposed via the API except for “disable-sslv3” which shows neither as a returned property of the template (highly annoying), nor as a property which can be set when creating a template (also annoying). Thus to replicate a template like the one above, I choose to set everything I can using the

New IBM platform turns your data center into a cloud

What if you could flip a switch and turn your stodgy old data center full of legacy apps into a cloud-enabled one capable of migrating apps and data to the public cloud with ease by containerizing your legacy apps?

IBM says it has just such an offering in IBM Cloud Private, a platform focused on assisting private data centers looking for a relatively simple way to move into the cloud. The idea is to offer a consistent way of managing your application stack, regardless of where they reside.

IBM Cloud Private takes middleware and other legacy applications, places them inside Kubernetes containers and transforms them into contemporary applications using Kubernetes container orchestration. The software itself is already containerized, including IBM tools and most major open source databases.

Cumulus content roundup: November

Saddle-up and get ready to ride — the Cumulus content roundup is back to take you on a journey through the best in industry news! It’s been a great month for innovation and forward-thinking, here at Cumulus Networks and beyond. From clouds to chassis to microservices, we’ve got the latest in data center networking trends covered. Check out what’s going on, and let us know what you think!

The best from Cumulus:

Private vs. public cloud white paper: Trying to decide which cloud is best for your organization? This white paper weighs the costs and benefits of private, public, and hybrid clouds for you. Read more so you can pick the perfect cloud.

Cumulus Networks inducted into JPMorgan Chase Hall of Innovation: We are humbled and honored to announce that Cumulus Networks has been inducted into the JPMorgan Chase Hall of Innovation. Read this blog to see what it takes to be an innovator.

Technical video and demo: NetQ: This video is perfect for anyone searching for a technical breakdown and demonstration of NetQ’s immense capabilities. Watch here, and see the awesome power of NetQ for yourself.

Choosing your chassis: This blog post provides an up-close