In this featured interview with Atiq Raza, chairman and CEO of Calient, we learn about the new challenges driving the future of data center design and how the growing popularity of POD architecture simplifies the need for managing operations.
InMon president Peter Phaal shares his thoughts on the power of Open Switching Platforms and the Software Defined Data Center.
Here’s the scenario: An enterprise network with an MPLS core and two branch locations connected to their own Provider Edge (PE) router. In addition to the MPLS link, the PEs are also connected via a DMVPN tunnel. The PEs are peering via iBGP (of course) and are also OSPF neighbors on the DMVPN. Both Customer Edge (CE) routers at the branch are OSPF neighbors with their local PE.
Task: Use the high speed MPLS network as the primary path between the CE routers and only use the DMVPN network if the MPLS network becomes unavailable.
Question: Is the solution as simple as adjusting the Admin Distance (AD) so that the iBGP routes are more preferred?
The obvious first issue is the default AD for iBGP (200) is higher than the default AD of OSPF (110) which means the OSPF path over the DMVPN is going to be preferred. This is confirmed if we do a traceroute from R5 to R6:
R5#traceroute 6.6.6.6 source lo5
1 10.0.45.4 2 msec 0 msec 1 msec
2 10.10.10.7 17 msec 17 msec 17 msec
3 10.0.67.6 18 Continue reading
I was hungry. Perhaps that’s a good excuse, or perhaps not. Either way, I sat down after ordering, took a peanut, broke the nuts out of the shell, and ate them.
After eating the peanut, I felt less hungry. So I picked up another one and ate it, as well. Soon enough, long before I order came out in fact, I wasn’t really hungry any longer. I still ate, of course, because I’d bought the burger, and it was a good burger. The fries were pretty good, too. The sweet tea wasn’t shabby, either.
But I thought about the peanut it all started with as I ate the burger. You see, a peanut solved my hunger problem. So it one peanut solves my hunger, why couldn’t a pile of peanuts solve world hunger? So I took a pile of peanuts and put them on the table, considering something I’d never thought about before — I could solve world hunger. Right here, right now, in this place, I could actually solve a major problem the world has been struggling with for thousands of years.
Okay, but then where would I get these peanuts? The place I was in had boxes stacked Continue reading
Many issues reported with scanning subnets and updating host statuses are related to SElinux being enabled. So far the solution was to completely disable SElinux, but this was more workaround than anything else. Robert was kind enough to share SElinux policy that should be used with phpipam if SElinux is enabled on your server.
Basically it permits the opening of raw IP sockets for non-root users, that are required for executing ping command.
1) Create the file http_ping.tt and add the following to it:
module http_ping 1.0; require { type httpd_t; class capability net_raw; class rawip_socket { getopt create setopt write read }; } #============= httpd_t ============== allow httpd_t self:capability net_raw; allow httpd_t self:rawip_socket { getopt create setopt write read };
2) Run the following commands (as root user):
checkmodule -M -m -o http_ping.mod http_ping.tt semodule_package -o http_ping.pp -m http_ping.mod semodule -i http_ping.pp
brm
I was speaking with a participant of the recent SDN event in Zurich after the presentations, and he made an interesting comment: whenever he experienced serious troubleshooting problems in his career, it was due to lack of understanding of networking fundamentals.
Read more ...I was speaking with a participant of an SDN event in Zurich after the presentations, and he made an interesting comment: whenever he experienced serious troubleshooting problems in his career, it was due to lack of understanding of networking fundamentals.
Let me give you a few examples: Do you know how ARP works? What is proxy ARP? How does TCP offload work and why is it useful? What is an Ethernet collision and when would you see one? Why do we need MLD in IPv6 neighbor discovery?