The onePK office prank
You know those times when you paste innocuous config to a router and it just freezes up on you? Even if you know you’ve done nothing wrong it can be a few scary seconds until the router starts to respond again. While reading up on onePK I was trying to come up with a use case. Though I eventually thought about some other things that would actually be useful. The very first thing that came to mind was something to test just for fun.
The prank
Picture this; You ask a co-worker to login to a router and shutdown an interface which won’t be used anymore. Your colleague logs into the device and disables the interface and the session hangs. Only it doesn’t just hang, it’s dead and apparently your colleague can’t ping the device now. At this point it can be a good idea to ask your co-worker about what exactly he changed.
OVS Fall 2014 Conference: Observations and Takeaways
Last week we hosted the Open vSwitch 2014 Fall Conference, which was another great opportunity to demonstrate our continued investment in leading open source technologies. To get a sense of the energy and enthusiasm at the event, take a quick view of this video we captured with attendees.
I’ve been thinking about the key takeaways from everything I saw and everyone I spoke with.
First, there’s huge interest in Open vSwitch performance, both in terms of measurement and improvement. The talks from Rackspace and Noiro Networks/Cisco led me to believe that we’ve reached the point where Open vSwitch performance is good enough on hypervisors for most applications, and often faster than competing software solutions such as the Linux bridge.
Talks from Intel and one from Luigi Rizzo at the University of Pisa demonstrated that by bypassing the kernel entirely through DPDK or netmap, respectively, we haven’t reached the limits of software forwarding performance. Based on a conversation I had with Chris Wright from Red Hat, this work is helping the Linux kernel community look into reducing the overhead of the kernel, so that we can see improved performance without losing the functionality provided by the kernel.
Johann Tönsing from Netronome Continue reading
We Are At HP Discover Conference in Barcelona Next Week
The Packet Pushers team are once again packing their virtual underpants and this time heading to Spain at HP Discover in Barcelona with our “cloud studio”. Next week we will enjoying some warm winter nerdiness on HP Networking products and strategy, looking closely at the ever-growing HP VAN strategy for SDN and also diving in the bread & […]
Author information
The post We Are At HP Discover Conference in Barcelona Next Week appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Segmenting for security: Five steps to protect your network
Relying on a DMZ to protect your network and data is like putting money in a bank that depends on one guard and a single gate to secure its deposits. Imagine how tempting all those piles of money would be to those who had access — and how keen everyone else would be to obtain access.
But banks do not keep cash out on tables in the lobby, they stash it in security boxes inside vaults, behind locked doors, inside a building patrolled by a guard and secured by a gate. Likewise, network segmentation offers similar security for an organization’s assets.
+ ALSO ON NETWORK WORLD Free security tools you should try +
To read this article in full or to leave a comment, please click here
The Coming App-ocalypse – are we seeing Dot-Com 2.0?
Bubble 2.0?
I recently received a note from a colleague from ZeroHedge (http://www.zerohedge.com/news/2014-11-21/not-so-fab-1-billion-valuation-15-million-year) that was officially calling the beginning of the bubble bursting based on the untimely (or timely depending on your perspective) demise of the startup Fab. I had never heard of Fab, but according to ZeroHedge, Fab “started out as a dating site for the gay community and then relaunched as a flash sale site for home decor – raised $150 million just over a year ago (at a $1 billion valuation), but as TechCrunch reports today, multiple sources have confirmed that Fab is in talks to sell to PCH International for $15 million in a half cash and half stock deal. Pets.com?”
And Therefore…
Its a fair question indeed – are we seeing the same pattern we saw in the last bubble (i.e. Dot-Com 1.0) being repeated? Certainly, crazy valuations of equally crazy or non-existent business models are a cause for concern, but more important than that are the fundamentals of what is driving the speculation in the first place. In Dot-Com 1.0 we saw simultaneous speculative investment across at least 3 major areas: internet backbone infrastructure, internet edge/access Continue reading
4 Inevitable Questions When Joining a Monitoring Group, Pt. 2
Leon Adato, Technical Product Marketing Manager with SolarWinds is our guest blogger today, with a sponsored post in a four-part series on the topic of alerting. In the first part of this series, Leon explained how to answer the first of four (ok, really 5) questions that monitoring professionals are inevitably asked once they join […]
Author information
The post 4 Inevitable Questions When Joining a Monitoring Group, Pt. 2 appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.
Thwarting attackers with threat intelligence
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
News reports show cyber attacks continue to outpace IT’s ability to protect critical data, but teams that have built systems to deliver accurate threat intelligence can often end an attack before damage is done. Threat intelligence comes from commercially available information, ongoing analysis of user behavior and native intelligence from within the organization.
+ ALSO ON NETWORK WORLD 5 ways to escape password hell +
To read this article in full or to leave a comment, please click here
5 essentials of effective cloud data integration, a customer perspective
In search of agility and low overhead, companies are putting as many applications as practical in the cloud. But the resulting hybrid IT environments, where certain applications remain on-premise for security or other reasons, can result in data integration issues that reduce efficiency drags and hamper agility.
In fact, cloud integration is much more demanding than many people want to believe.
As an applications intelligence company that has built its customer-facing and internal operations primarily on cloud applications within a hybrid environment, AppDynamics has had considerable experience with cloud data integration. Here are the five essential data integration capabilities that any company serious about harnessing the cloud should have in its pocket:
To read this article in full or to leave a comment, please click here
The Degree or the Certification: Answering the Question
Okay, finally, I’m going to answer the question. For some value of the word “answer,” anyway. I’ve spent three weeks thinking through various question you should be asking, along the way making three specific points:
- Stop asking “should I get a degree or a certification,” and start asking “what do I want to learn next.” Neither degrees nor certifications are a “final point,” in education (terminal, in the vocabulary of the educational world).
- Learn to see beyond the question of specific technical skills — to think about the underlying skills, like abstraction.
- Stop acting and thinking like a widget. You are more than a money making machine.
Okay, so how do I actually decide?
First, ask: where do I want to go? Who do I want to be as a person, overall? This question needs to be a “bigger life” question, not a narrow, “how much money do I want to be making,” question. One of those other turning points in my life as an engineer was when Don S said to me one day, “When I’m gone, people aren’t going to remember me for writing a book. They are going to remember me as a father, friend, and Continue reading
Configure a DMVPN Spoke behind a Home router/modem
I’ve come across this scenario on multiple occasions now. Your company wants to set up a demo at a “customers” location. Your demo is reliant on its own router talking back to HQ to pull necessary data for the program in question. Unfortunately your internet connection at the “demo” site is sitting behind a NAT. […]
Author information
The post Configure a DMVPN Spoke behind a Home router/modem appeared first on Packet Pushers Podcast and was written by Korey.
Quick Peek: Juniper vMX Router
While the industry press deliberates the disaggregation of Arista and Cisco, and Juniper’s new CEO, Juniper launched a virtual version of its vMX router, which is supposed to have up to 160 Gbps of throughput (as compared to 10 Gbps offered by Vyatta 5600 and Cisco CSR). Can Juniper really deliver on that promise?
Read more ...Juniper SRX-110H EoL
Somehow I missed this when it was announced, but the Juniper SRX-110H-VA is End of Life, and is no longer supported for new software releases.
End of Life announcement is here, with extra detail in this PDF. Announcement was Dec 10 2013, with “Last software engineering support” date Dec 20 2013.
This is now starting to take effect, with 12.1X47 not supported on this platform:
Note: Upgrading to Junos OS Release 12.1X47-D10 or later is not supported on the J Series devices or on the low-memory versions of the SRX100 and SRX200 lines. If you attempt to upgrade one of these devices to Junos OS 12.1X47-D10, installation will be aborted with the following error message:
ERROR: Unsupported platform <platform-name >for 12.1X47 and higher
The replacement hardware is the SRX-110H2-VA, which has 2GB of RAM instead of 1GB. Otherwise it’s exactly the same, which seems a missed opportunity to at least update to local 1Gb switching.
Michael Dale has a little more info here, along with tips for tricking a 240H into installing 12.1X47.
So I decided to see if I could work around this and trick JunOS into installing on my 240H, I Continue reading
New Features in the GNS3 Jungle
Wanted to firstly thank everyone for their patience as we ran some maintenance in the GNS3 Jungle last evening in order to provide a moreMoving Workloads to the Clouds
David Spark published 16 tips for moving your workloads to the clouds. Contrary to the usual useless nonsense coming down from hybrid cloud evangelists (you know, the people who moved from “VMs following the sun” to “seamless hybrid cloud workload mobility”) some of the tips actually make sense, starting with “Have a real reason for the migration”. Enjoy!
Using EEM to Speed up Multicast Convergence when Receiver is Dually Connected
When deploying PIM ASM, the Designated Router (DR) role plays a significant part in how PIM ASM works. The DR on a segment is responsible for registering mulicast sources with the Rendezvous Point (RP) and/or sending PIM Joins for the segment. Routers with PIM enabled interfaces send out PIM Hello messages every 30 seconds by default.
After missing three Hellos the secondary router will take over as the DR. With the standard timer value, this can take between 60 to 90 seconds depending on when the last Hello came in. Not really acceptable in a modern network.
The first thought is to lower the PIM query interval, this can be done and it supports sending PIM Hellos at msec level. In my particular case I needed convergence within two seconds. I tuned the PIM query interval to 500 msec meaning that the PIM DR role should converge within 1.5 seconds. The problem though is that these Hellos are sent at process level. Even though my routers were barely breaking a sweat CPU wise I would see PIM adjacencies flapping.
The answer to my problems would be to have Bidirectional Forwarding Dectection (BFD) for PIM but it’s only supported on Continue reading
APIs, APIs…a look at Arista’s eAPI
Arista switches have an API known as eAPI. In this article, I will discuss some of the basics of how eAPI operates, how to connect to it, and how to gather network information using it. Basic eAPI operation eAPI uses JSON-RPC over HTTPS. What this means in simpler terms is that the communication to and […]
Author information
The post APIs, APIs…a look at Arista’s eAPI appeared first on Packet Pushers Podcast and was written by Kirk Byers.
Network Break 22
Cisco Loves and Hates Net Neutrality, SDN WAN continues to grow and Analysts as AWS puppy dogs - drooling, licking themselves and barking at the AWS reinvent conference.
Author information
The post Network Break 22 appeared first on Packet Pushers Podcast and was written by Greg Ferro.
PlexxiPulse— Plenty To Be Thankful For At Plexxi
As many of you know, it’s been a busy month here at Plexxi. It’s hard to believe that November is coming to a close and that Thanksgiving is next week. We have a lot to be thankful for this year, particularly our new CEO Rich Napolitano and for the support of our skilled and dynamic team members – both new and old. Wishing everyone a safe and happy Thanksgiving holiday!
In this week’s PlexxiTube of the week, our own Dan Backman explains how Plexxi’s datacenter transport fabric can be used in a datacenter or on campus.
Check out what we’ve been up to over the past few weeks on social media!
The post PlexxiPulse— Plenty To Be Thankful For At Plexxi appeared first on Plexxi.
Less Sales, Simpler Products, Easier Buying
Out of sheer frustration this week, I tweeted this and got a big response: The Back Story I’ve wasted about 60 hours of customers time working with resellers & vendors to get a quote for a relatively simple network upgrade. Neither the vendor staffers or the reseller employees knew how the product was licensed or […]
The post Less Sales, Simpler Products, Easier Buying appeared first on EtherealMind.
Removing OVS Configuration Settings
I’ve written quite a bit about Open vSwitch (OVS), but I realized recently that despite all the articles I’ve written I still haven’t talked about how to remove a configuration setting to OVS. I’m fixing that now with this article.
As part of my ongoing mission to give back to the open source community, I recently started making contributions and improvements to the OVS web site; specifically, I’ve been reformatting the configuration cookbooks to make them more readable (and to clean up the HTML source). Along the way, I’ve been adding small bits of content here and there. Most recently, I just updated the QoS rate-limiting entry, and I wanted to add information on how to remove the QoS settings.
Normally, you can remove an OVS configuration setting using the ovs-vsctl remove command. For example, if you set a VLAN tag on an port with this command:
ovs-vsctl set port vnet0 tag=100
Then you could remove that VLAN tag with this command:
ovs-vsctl remove port vnet0 tag 100
Note the slight syntactical difference in the two commands; the remove command expects four parameters.
It turns out, however, that this command won’t work for all configuration parameters. In some Continue reading