Deploy360 at IETF 100, Day 1: IPv6 and IoT

Passed JNCIP-DC

I took JNCIP-DC Exam and could pass it. My review on the exam and Prep strategy.

Materials

-> Juniper Documentation

-> Cisco Implementing EVPN Video series – Safari press

-> Juniper Qfx1000 Github and vagrant images

-> DCX , ADCX , TDCX Materials

-> Hand’s on Implementation and 4 months Study (Not including any weekends)

Exam in itself was not that tough to be frank, but depth of questions covered all the concepts. There is no topic that you could leave from official blue-print, everything is touched and everything is touched at a fairly equal way.

Recommendations

-> Use the Github page for Juniper QFX1000 and download the vagrant images for practise

-> Revise Evpn and QFX-Series Books and you should be good

-> If you can, go through the official course-ware as they are good for review and exam prep

-> Evpn from Cisco’s standpoint is pretty much covered by Many learning instructors like INE,CBT use them to learn the technology if you are Video based learning individual.

-RAKESH

Basic Router Configurations on Cisco Router

Today I am going to talk about the basic configurations on Cisco routers where i can define the basic commands like setting console password, assign VTY password, configuring IP addresses on the interfaces, Configuring the router for SSH access, Configuring basic IPv6 configurations on the router, configuring trunk based inter-VLAN routing, configuring IPv6 configurations manually and at last configuring OSPFv6 with the use of IPv6.

This is a basic article for the starters who are going to configure the router from the scratch. Most of the basic configurations are for demo purposes and you can use your IP addresses as per requirements in your network. Lets start with the basic configurations on the router now.

Fig 1.1- Basic Network Topology

Above is the basic network topology where we have 3 layer architecture with the Cisco ASA firewalls and the routers. We are going to configure WAN routers with the basic configurations

Configure the Basic router 

Router> enable
Router# config terminal 

Router(config)# hostname ttlbits_ttlbits_R1

ttlbits_R1(config)# no ip domain-lookup 

ttlbits_R1(config)# security passwords min-length 10 

ttlbits_R1(config)# enable secret cisco12345 

Now let's configure the console password on the Cisco routers, below is the basic example showing the configurations of console on router.

Setting Continue reading

Why bitcoin is terrible

For every day that passes I like bitcoin less. It’s bad for the world.

I have ranted about this many times, and it’s time I consolidate these rants into a blog post.

We’ll see with time if this rant ages poorly or not.

Section 1: Practicalities

What bitcoin is trying to achieve in payments

These would be good things:

• Anonymity
• Peer to peer and remote payments

What bitcoin is actually good for

Bitcoin today is pretty much only good for two things:

• Committing crimes
• Speculating on currency

If you’re not doing one of those, then don’t use Bitcoin.

If you are an online store then sure, accept Bitcoin. There’s moral problems with supporting Bitcoin (see rest of post), but as long as you immediately convert to fiat currency when you receive payment it’s fine for you. There are even companies out there that’ll guarantee an exchange rate so that you never have to get into the business of currency.

You may say that Bitcoin can be used to get money out of China, or into Brazil, or to enable shopping of “things that should not be called ‘drugs’ anyway”, but you have to admit that no matter what you think Continue reading

Syslog relay with Scapy

 #!/usr/bin/env python2.7  
   
 from scapy.all import *  
   
 def pkt_callback(pkt):  
   del pkt[Ether].src  
   del pkt[Ether].dst  
   del pkt[IP].chksum  
   del pkt[UDP].chksum  
   pkt[IP].dst = '192.168.100.100'  
   sendp(pkt)  
   
 sniff(iface='eth0', filter='udp port 514', prn=pkt_callback, store=0)  

Configuring vPC on Cisco Nexus Devices

Things that cannot go wrong

Found this Douglas Adams quote in The Signal and the Noise (a must-read book):

The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair

I’ll leave to your imagination how this relates to stretched VLANs, ACI, NSX, VSAN, SD-WAN and a few other technologies.

Weekend Reads 2017-05-11

We’re quietly replacing an open web that connects and empowers with one that restricts and commoditizes people. We need to stop it. I quit Facebook seven months ago. Despite its undeniable value, I think Facebook is at odds with the open web that I love and defend. This essay is my attempt to explain not only why I quit Facebook but why I believe we’re slowly replacing a web that empowers with one that restricts and commoditizes people. And why we should, at the very least, stop and think about the consequences of that shift. –Parimal Satyal @ Neustadt.fr

Two clocks are ticking for US tech companies in the power centers of the modern world. In Washington, lawmakers are working to reform FISA Section 702 before it expires on December 31st, 2017. Section 702 is the main legal basis for US mass surveillance, including the programs and techniques that scoop up the data transferred by non-US individuals to US servers. Upstream surveillance collects communications as they travel over the Internet backbone, and downstream surveillance (better known as PRISM) collects communications from companies like Google, Facebook, and Yahoo. –Danny O’Brien @ EFF

Arguably, a good deal of Americans are in Continue reading

Docker’s Kubernetes Support Leaves Questions Around Swarm

The company says it plans to evolve Swarm but hasn't provided any details.

SDxCentral’s Weekly News Roundup — November 10, 2017

Telstra and Ericsson complete 5G data call; SoftBank increases stake in Sprint; Edgecore Networks contributes hardware for white box packet transponder to TIP.

Lumina’s SDN Controller Manages Third Party Switches, Containers

This is targeted to the data center use case.

Verizon Makes SD-WAN Platform Available to its Wholesale Customers

The company's SD-WAN service is powered by Cisco Meraki.

Hummingbird

Show 365: You Can’t Do That In Enterprise Networks

Cloudflare Wants to Buy Your Meetup Group Pizza

If you’re a web dev / devops / etc. meetup group that also works toward building a faster, safer Internet, I want to support your awesome group by buying you pizza. If your group’s focus falls within one of the subject categories below and you’re willing to give us a 30 second shout out and tweet a photo of your group and @Cloudflare, your meetup’s pizza expense will be reimbursed.

Get Your Pizza $ Reimbursed »

Developer Relations at Cloudflare & why we’re doing this

I’m Andrew Fitch and I work on the Developer Relations team at Cloudflare. One of the things I like most about working in DevRel is empowering community members who are already doing great things out in the world. Whether they’re starting conferences, hosting local meetups, or writing educational content, I think it’s important to support them in their efforts and reward them for doing what they do. Community organizers are the glue that holds developers together socially. Let’s support them and make their lives easier by taking care of the pizza part of the equation.

What’s in it for Cloudflare?

1. We want web developers to target the apps platform
2. We want more people to Continue reading

An Opinion On Offense Against NAT

It’s been a long time since I’ve gotten to rant against Network Address Translation (NAT). At first, I had hoped that was because IPv6 transitions were happening and people were adopting it rapidly enough that NAT would eventually slide into the past of SAN and DOS. Alas, it appears that IPv6 adoption is getting better but still not great.

Geoff Huston, on the other hand, seems to think that NAT is a good thing. In a recent article, he took up the shield to defend NAT against those that believe it is an abomination. He rightfully pointed out that NAT has extended the life of the modern Internet and also correctly pointed out that the slow pace of IPv6 deployment was due in part to the lack of urgency of address depletion. Even with companies like Microsoft buying large sections of IP address space to fuel Azure, we’re still not quite at the point of the game when IP addresses are hard to come by.

So, with Mr. Huston taking up the shield, let me find my +5 Sword of NAT Slaying and try to point out a couple of issues in his defense.

Relationship Status: NAT’s…Complicated

The first Continue reading

Introduction to Network Time Protocol (NTP) and Basic Configurations

IDG Contributor Network: Thoughts & prayers don’t stop mass shooters. Technology might.

It’s heartbreaking. Gun violence kills 93 Americans every day while politicians send their thoughts and prayers. 2017 has seen two of the deadliest mass shootings in American history.How can technology help reduce mass shootings? How can shooters be authenticated before they can fire? How can the police be alerted when a large number of firearms are present at an unusual location? Can an excessive number of shots fired be prevented?Background Americans make up about 4.4 percent of the global population but own 42 percent of the world’s guns. And approximately one in three gunmen is American according to a study by Adam Lankford, a professor at the University of Alabama. Firearms are an $11 billion per year industry with over 300 million existing guns in circulation. About 40% of Americans say they own a gun or live in a household with one. A recent survey reports that the US has the highest rate of murder by firearms in the developed world. Mass shootings cost Americans over $229 billion per year.To read this article in full, please click here

On the dangers of Intel’s frequency scaling

While I was writing the post comparing the new Qualcomm server chip, Centriq, to our current stock of Intel Skylake-based Xeons, I noticed a disturbing phenomena.

When benchmarking OpenSSL 1.1.1dev, I discovered that the performance of the cipher ChaCha20-Poly1305 does not scale very well. On a single thread, it performed at the speed of approximately 2.89GB/s, whereas on 24 cores, and 48 threads it performed at just over 35 GB/s.

CC BY-SA 2.0 image by blumblaum

Now this is a very high number, but I would like to see something closer to 69GB/s. 35GB/s is just 1.46GB/s/core, or roughly 50% of the single core performance. AES-GCM scales much better, to 80% of single core performance, which is understandable, because the CPU can sustain higher frequency turbo on a single core, but not all cores.

Why is the scaling of ChaCha20-Poly1305 so poor? Meet AVX-512. AVX-512 is a new Intel instruction set that adds many new 512-bit wide SIMD instructions and promotes most of the existing ones to 512-bit. The problem with such wide instructions is that they consume power. A lot of power. Imagine a single instruction that does the work of 64 regular Continue reading

A deep dive into Cisco’s intent-based networking

When Cisco announced its intent-based networking (IBN) strategy this summer, CEO Chuck Robbins called it the company’s biggest announcement in years.To read this article in full, please click here(Insider Story)