Path MTU Discovery Doesn’t Work with IP Multicast
A friend of mine sent me an interesting problem:
I noticed recently that my IOS routers aren't sending ICMP (unreachable; frag needed) messages in response to too-big IPv4 multicast packets with DF-bit set. They're just dropping these packets silently, breaking PMTUD.
Unfortunately, that’s not a bug but a FAD (Functions-as-Designed).
Read more ...The Global Village Idiot
I recall from some years back, when we were debating in Australia some national Internet censorship proposal de jour, that if the Internet represented a new Global Village then Australia was trying very hard to position itself as the Global Village Idiot. And the current situation with Australia’s new Data Retention laws may well support a case for reviving that sentiment.The Importance of Quality in Infrastructure Software
Infrastructure doesn’t matter.
That’s what we keep hearing, right? The ongoing effort to commoditize infrastructure has generated a lot of buzzwords and clickbait taglines, and this is one of the biggest.
IT infrastructure has had a long history of hero culture, and it’s easy to make the assumption - given how low many of these technologies sit in the stack - that we are the important snowflakes and that we run the whole show. The reality is that we don’t, and every time an application engineering team has to hold a series of meetings on how to properly work on the existing infrastructure, that is time spent not creating new features.
The reality is that the underlying infrastructure never stopped being important. The call to simplify these layers was never borne out of a desire to sweep the carpet out from beneath ones own feet. It was a call for help; application teams barely have time to meet the feature requirements laid out by the business, and having to deal with downtime or overbearing change management procedures makes a bad situation worse. The business is not measuring software project success by the number of challenges they overcame on our way Continue reading
The Importance of Quality in Infrastructure Software
Infrastructure doesn’t matter.
That’s what we keep hearing, right? The ongoing effort to commoditize infrastructure has generated a lot of buzzwords and clickbait taglines, and this is one of the biggest.
IT infrastructure has had a long history of hero culture, and it’s easy to make the assumption - given how low many of these technologies sit in the stack - that we are the important snowflakes and that we run the whole show. The reality is that we don’t, and every time an application engineering team has to hold a series of meetings on how to properly work on the existing infrastructure, that is time spent not creating new features.
The reality is that the underlying infrastructure never stopped being important. The call to simplify these layers was never borne out of a desire to sweep the carpet out from beneath ones own feet. It was a call for help; application teams barely have time to meet the feature requirements laid out by the business, and having to deal with downtime or overbearing change management procedures makes a bad situation worse. The business is not measuring software project success by the number of challenges they overcame on our way Continue reading
The Importance of Quality in Infrastructure Software
Infrastructure doesn’t matter. That’s what we keep hearing, right? The ongoing effort to commoditize infrastructure has generated a lot of buzzwords and clickbait taglines, and this is one of the biggest. IT infrastructure has had a long history of hero culture, and it’s easy to make the assumption - given how low many of these technologies sit in the stack - that we are the important snowflakes and that we run the whole show.The Importance of Quality in Infrastructure Software
Infrastructure doesn’t matter. That’s what we keep hearing, right? The ongoing effort to commoditize infrastructure has generated a lot of buzzwords and clickbait taglines, and this is one of the biggest. IT infrastructure has had a long history of hero culture, and it’s easy to make the assumption - given how low many of these technologies sit in the stack - that we are the important snowflakes and that we run the whole show.Railgun v5 has landed: better, faster, lighter
Three years ago we launched Railgun, CloudFlare's origin network optimizer. Railgun allows us to cache the uncacheable to accelerate the connection between CloudFlare and our customers' origin servers. That brings the benefit of a CDN to even dynamic content with no need for 'fast purging' or other tricks. With Railgun even dynamic, ever-changing pages benefit from caching.
CC BY 2.0 image by Nathan E Photography
Over those three years Railgun has been deployed widely by our customers to accelerate the delivery of their web sites and lower their bandwidth costs.
Today we're announcing the availability of Railgun v5 with a number of significant improvements:
We've substantially reduced memory utilization and CPU requirements
Railgun performs delta compression on every request/response requiring CPU (to perform the compression) and memory (to keep a cache of pages to delta against). Version 5 has undergone extensive optimization based on the performance of Railgun on large web sites and at hosting providers. Version 5 requires much less memory and lower CPU.
A new, lighter weight, faster wire protocol
The original Railgun wire protocol that transfer requests and compressed responses between the customer server and CloudFlare's infrastructure has been completely replaced with a new, lighter-weight Continue reading
Networking Field day 10 – Nuage Networks
I just got done watching all the Nuage Networks videos from Networking Field Day 10 (NFD10) and I’m quite impressed with the presentation they gave. If you haven’t watched them yet, I would recommend you do…
Nuage Networks Evolution of Wide Area Networking
Nuage Networks Onboarding the Branch Demo
Nuage Networks Application Flexibility Demo
Nuage Networks Boundary-less Wide Are Networking
Here are some things I thought were worth highlighting…
A consistent Model
What I find interesting about Nuage is their approach. Most startup networking companies these days limit their focus to one area of the network. The data center is certainly a popular area but others are focusing on the WAN as well. Nuage is tackling both.
I heard a couple of times in the presentation statements like “users are stuck in the past” or “the network model has to be consistent”. The problem with any overlay based network solution is that ,at some point, you need to connect it back to the ‘normal’ network. Whether that entails bridging a physical appliance into the overlay, or actually peering the physical into the overlay, the story usually starts to get messy. Continue reading
GNS3 and VIRL
Just wanted to show everyone what I've been working on between VIRL and GNS3! Special thanks to the VIRL team (Valerie and Ralph)Cross vCenter Networking & Security with VMware NSX
NSX 6.2 was released on August 20, 2015. One of the key features in NSX 6.2 is Cross vCenter Networking and Security. This new capability scales NSX vSphere across vCenter boundaries. Now, one can span logical networking and security constructs across vCenter boundaries irrespective of whether the vCenters are in adjacent racks or across datacenters (up to 150ms apart). This enables us to solve a variety of use cases including:
- Capacity pooling across vCenters
- Simplifying data center migrations
- Cross vCenter and long distance vMotion
- Disaster recovery
With Cross vCenter Networking & Security one can extend logical switches (VXLAN networks) across vCenter boundaries enabling a layer 2 segment to span across VCs even when the underlying network is a pure IP / L3 network. However, the big innovation here is that with NSX we can also extend distributed routing and distributed firewalling seamlessly across VCs to provide a comprehensive solution as seen in the figure below.
Of course, there are a more details behind how this feature works and how we solve some really cool challenges in a simple elegant manner with network virtualization which we will cover at VMworld 2015 in the session NET5989. In the meanwhile if Continue reading