BGP-LS BGP Link State – What is it? Why BGP LS is used?
BGP LS, BGP Link-State is used to distribute Link state information and traffic engineering attributes from the network nodes to the Centralized TE controller. RSVP-TE has been providing resource allocation and providing an LSP with the distributed path computation algorithm (CSPF) for decades. It requires topology information from the network and only link-state IGP protocols such as OSPF and IS-IS can carry the topology information required for the controller to set up a shortest from each node to each destination prefix.
In order to overcome Bin Packing, Dead Lock, or Network-wide optimal traffic engineering, centralized controllers have been used for a long time. Because with the distributed computation for Traffic Engineering, the above issues might arise.
RFC 7752 specifies the details of North-Bound Distribution of Link-State and Traffic Engineering (TE) Information Using BGP.
PCE (Path Computation Element) is an SDN controller which provides optimal path computation in Multi Area and Multi AS (Autonomous System) deployments.
It requires Link State and Traffic Engineering attributes such as Link coloring, SRLG, reserved bandwidth, etc., from the network.
Link state IGP protocols (OSPF, IS-IS) can be used for this purpose but they are considered chatty and non-scalable, thus BGP with Continue reading
CCIE Service Provider v5.0 What, Why, When?
In this post, we will look at what is CCIE Service Provider v5.0, what comes with it, which technologies we need to learn, what is the difference between CCIE SP v4 and CCIE SP v5, why you should study for CCIE Service Provider v5, when you should study for CCIE SP exam, after which certificate you should aim it for, we will look at all of these questions.
What is the Cisco CCIE Service Provider v5 Exam?
The CCIE Service Provider v5 lab exam is testing skillsets related to the service Provider solutions integration, interoperation, configuration, and troubleshooting in complex networks. CCIE SP v5 is the latest version of the CCIE Service Provider lab exam. When the candidates pass this exam, they get their CCIE number.
This certification syllabus covers most, if not all real-life Service Provider network technologies.
What is the difference between CCIE SP v4 and CCIE SP v5?
From the technology standpoint, the biggest difference between CCIE SPv4.1 and the CCIE SP v5.0 exam is Network Programmability and Automation Module. It is 20% of the entire exam, thus very important in the CCIE Service Provider exam. You can access Orhan Ergun’s CCIE SP Network Continue reading
Tech Bytes: The Evolution Of Zero Trust Network Access (Sponsored)
Today on the Tech Bytes podcast, sponsored by Palo Alto Networks, we talk about Zero Trust Network Access and how it’s evolving to provide more comprehensive and consistent security.Tech Bytes: The Evolution Of Zero Trust Network Access (Sponsored)
Today on the Tech Bytes podcast, sponsored by Palo Alto Networks, we talk about Zero Trust Network Access and how it’s evolving to provide more comprehensive and consistent security.
The post Tech Bytes: The Evolution Of Zero Trust Network Access (Sponsored) appeared first on Packet Pushers.
Orhan Ergun CCIE Enterprise Infrastructure Course Review 1
I see some people have been asking what other people are thinking about Orhan Ergun’s CCIE Enterprise course, thus starting today to share what other people share about us on their blog posts as well. Not just on social media, but with these blog posts, because they are able to share more thoughts about us, I think it is very valuable feedback for everyone.
I would like to start with the website ‘ samovergre.com ‘.
He is our CCIE Enterprise student and you can find his CCIE study plan on this page. He is sharing feedback about our CCIE Enterprise training and other study materials he uses for his CCIE Enterprise study.
Why Orhan Ergun CCIE Enterprise Infrastructure Course?
One thing that was very important there was that He understand the uniqueness of our CCIE Enterprise Training. It is the design part.
Everyone can teach you how to configure routers or routing protocols, but a design mindset is a completely unique thing and for years, if you are a Network Engineer, probably you have heard about our CCDE training and its success too.
Now, we continue delivering our design knowledge and experience to our CCIE students as well and Continue reading
netsim-tools: Combining VLANs with VRFs
Last two weeks we focused on access VLANs and VLAN trunk implementation in netsim-tools. Can we combine them with VRFs? Of course.
The trick is very simple: attributes within a VLAN definition become attributes of VLAN interfaces. Add vrf attribute to a VLAN and you get all VLAN interfaces created for that VLAN in the corresponding VRF. Can’t get any easier, can it?
How about extending our VLAN trunk lab topology with VRFs? We’ll put red VLAN in red VRF and blue VLAN in blue VRF.
Cloudflare is redefining employee well-being in Japan
This post is also available in 日本語
“You can accomplish anything if you do it. Nothing will be accomplished unless you do it. If nothing is not accomplished, that’s because no one did it.“
— Yozan Uesugi
Long hours and hard work. If you ask anyone in Japan what our work culture is like, chances are, these are the words that will come to mind. Different countries have their own cultures and also specific work habits and ways of having a work-life balance. The pandemic brought everyone (companies and their people) a new reality, new lessons, and new habits. Here at Cloudflare, our thinking around where and how we do our best work has evolved over the course of the pandemic. We care about addressing the diverse needs of our workforce and our policies and benefits are designed to optimize for their flexibility and needs. To that end, Cloudflare Japan is making a few important changes to our employee benefits:
- “take what you need” time off for all our employees
- 16-week gender-neutral paid parental leave
- flexible working hours
First, let’s try to understand a bit of the Japanese work culture. According to Japan’s labor laws, Japanese employed workers are Continue reading
BGP communities part 3: Customer BGP Traffic Engineering communities
If you’ve ever been asked to prioritize one internet connection over another for any variety of reasons, cost, latency, SLA, etc… this is for you.
Often I hear the same tactics to solve this problem:
- AS-PATH prepending
- conditional advertisements
- scripting
- some other manual process
However, most carriers offer customer BGP TE communities that you can use to influence traffic within their AS, with one notable exception Hurricane Electric. If you’re not sure what a BGP community take a quick look at this post on them first.
Lets explore how to utilize these, where to find them, and how they might give more deterministic path selection than the options laid out above.
BGP Topology
Default behavior with no modification
First to get familiar with the topology and show reachability we’ll leave all settings as “defaults” with no modifications.
ISP-1-RTR-1#traceroute 203.0.113.1 source 192.0.2.1
Type escape sequence to abort.
Tracing the route to 203.0.113.1
VRF info: (vrf in name/id, vrf out name/id)
1 100.123.0.1 1 msec 1 msec 1 msec
2 100.124.0.2 1 msec 0 msec 0 msec
3 100.126.0.10 2 msec * 1 Continue readingUsing OpenSSL with Ed Harmoush 3/6 Troubleshooting: Matching Keys To Certificates – Video
ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]
The post Using OpenSSL with Ed Harmoush 3/6 Troubleshooting: Matching Keys To Certificates – Video appeared first on Packet Pushers.
Heavy Networking 634: Why (Not) MikroTik?
Today's Heavy Networking gets into networking hardware from MikroTik, a vendor you may not have heard of. Our guest is Kevin Myers, a senior network architect and consultant who uses MikroTik with a variety of clients big and small. We'll find out what MikroTik is good for, and not good for, management and support, and more. This is a non-sponsored episode.
The post Heavy Networking 634: Why (Not) MikroTik? appeared first on Packet Pushers.
Heavy Networking 634: Why (Not) MikroTik?
Today's Heavy Networking gets into networking hardware from MikroTik, a vendor you may not have heard of. Our guest is Kevin Myers, a senior network architect and consultant who uses MikroTik with a variety of clients big and small. We'll find out what MikroTik is good for, and not good for, management and support, and more. This is a non-sponsored episode.How to Retain Talent in Uncertain Circumstances
Recruiters may be calling your top talent right now. Here's what you can do to make your employees more likely to let those calls go to voice mail.Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video
ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]
The post Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video appeared first on Packet Pushers.
Friday Thoughts Pre-Cisco Live
It’s weird to think that I’m headed out to Cisco Live for the first time since 2019. The in-person parts of Cisco Live have been sorely missed during the pandemic. I know it was necessary all around but I didn’t realize how much I enjoyed being around others and learning from the community until I wasn’t able to do it for an extended period of time.
Now we’re back in Las Vegas and ready to take part in something that has been missed. I’ve got a busy lineup of meetings with the CCIE Advisory Council and Tech Field Day Extra but that doesn’t mean I’m not going to try and have a little fun along the way. And yes, before you ask, I’m going to get the airbrush tattoo again if they brought the artist back. It’s a tradition as old as my CCIE at this point.
What else am I interested in?
- I’m curious to see how Cisco responds to their last disappointing quarter. Are they going to tell us that it was supply chain? Are they going to double down on the software transition? And how much of the purchasing that happened was pull through? Does that mean Continue reading
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
Just after 1200 UTC on Tuesday, June 7, the Africa-Asia-Europe-1 (AAE-1) and SEA-ME-WE-5 (SMW-5) submarine cables suffered cable cuts. The damage reportedly occurred in Egypt, and impacted Internet connectivity for millions of Internet users across multiple countries in the Middle East and Africa, as well as thousands of miles away in Asia. In addition, Google Cloud Platform and OVHcloud reported connectivity issues due to these cable cuts.
The impact
Data from Cloudflare Radar showed significant drops in traffic across the impacted countries as the cable damage occurred, recovering approximately four hours later as the cables were repaired.
It appears that Saudi Arabia may have also been affected by the cable cut(s), but the impact was much less significant, and traffic recovered almost immediately.
In the graphs above, we show that Ethiopia was one of the impacted countries. However, as it is landlocked, there are obviously no submarine cable landing points within the country. The Afterfibre map from the Network Startup Resource Center (NSRC) shows that that fiber in Ethiopia connects to fiber in Somalia, which experienced an impact. In addition, Ethio Telecom also routes traffic through network providers in Kenya and Djibouti. Djibouti Telecom, one of these providers, in turn Continue reading