Archive

Category Archives for "Networking"

New GNS3 1.0 Beta 1

It appears that there are some significant changes ongoing with GNS3: As mentioned by the GNS3 CEO and co-founder Stephen Guppy on 11th of August 2014, the new GNS3 will be more polished and will migrate to a multi-vendor emulation platform. For those using this tool, it’s a well-known fact that GNS3 […]

SXSW Interactive 2015: Vote for CloudFlare’s Submissions

Has your Twitter feed been flooded with “vote for my SXSW panel” tweets? With so much buzz all over the place, we wanted to keep it simple and share all of the presentations and panels affiliated with CloudFlare, in one place. Check out CloudFlare's presentations and panels below. If our topics interest you, casting a vote will take just a few minutes!

How to vote:

  1. To sign up go to this link
  2. Enter your name & email address, then confirm your account
  3. Log in with your new account and go to the “PanelPicker”
  4. Click “search/vote” and search for your panel by title
  5. VOTE

Please note: Voting ends on September 6th!

PanelPicker voting counts for 30% of a session's acceptance to SXSW. Our panels cover a variety of topics from a tell-all that reveals the real story behind the male/female co-founder dynamic to exploring ways to protect human rights online. There’s something for everyone so check them out and vote for your favorite! Every vote counts!

Help CloudFlare get to SXSW!

Presentations:

“Lean On” is the New “Lean In”
Matthew Prince, co-founder and CEO of CloudFlare will sit down with Michelle Zatlyn, co-founder and Head of User Experience at CloudFlare for Continue reading

Show 203 – SDN Policy + Congress with Martin Casado & Tim Hinrichs

This week, the Packet Pushers chat with Martin Casado & Tim Hinrichs about policy. What's policy, you ask? In the context of the software defined data center, policy is the big idea that what an IT system needs to do can be expressed in an abstract policy language. The need for abstraction exists because human beings aren't easily able to tell machines explicitly what they need to do to build a system that conforms to a given policy.

The post Show 203 – SDN Policy + Congress with Martin Casado & Tim Hinrichs appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Jack of All Trades

“Jack of all trades, master of none…”

How many times have you heard that in your life? In your career as an engineer? I’ve probably heard it hundreds of times, if not thousands, from working on RADAR and various sorts of radio and other electronics in the US Air Force to as recently as last week. There seems to be a feeling that you can’t know one thing really well unless you somehow give up on knowing a lot of other things — perhaps there is some sort of limiter in our brains that keeps us from learning more than a certain amount of “stuff” in a single lifetime, or some such nonsense. We’ve all seen the Sherlock Holmes moment, for instance, when Sherlock says something about not remembering something because he has so much other stuff to remember.

And we come back to this idea: Jack of all trades, master of none.

Now I’ll readily admit that I only have so much time to read, and therefore to learn new things. I have four or five wish lists on Amazon, each of which has more than 100 books on it. I have a reading list in Logos Bible Continue reading

Rant: Just stop it with the TFTP

TFTP was first defined in 1980. That is a very long time ago in IT, and while it’s had a good run, it’s time for network engineers to stop using TFTP. It’s slow, insecure, and there are better options available.

TFTP is an unauthenticated, plain-text file transfer protocol. It is commonly used by network engineers to transfer switch configs, or IOS images. No passwords required, just a straight “Get this file ” or “Put this file ”. It uses UDP to transfer data. It is designed to be very simple, and light-weight. This is a large part of why it was popular – TFTP servers or clients could be implemented in low-powered devices, such as switches, VoIP phones, etc. Some systems also use it as part of an initial boot, where TFTP is used to retrieve the initial boot environment.

The main complaints I hear from engineers are “How do I get a TFTP server set up?”, and “Why is this taking so long to transfer?” Server configuration is just a Google exercise, but let’s look at file transfer speed.

Speedy? Not so much

For this test, I have a CentOS 6.x VM running on my laptop. I’m downloading Continue reading

Fundamentals – PMTUD – IPv4 & IPv6 – Part 1 of 2

One of IPv6’s features is the fact that routers are no longer supposed to fragment packets. Rather it’s up to the hosts on either end to work out the path MTU. This is different in IPv4 in which the routers along the path could fragment the packet. Both IPv4 and IPv6 have a mechanism to […]

Ethane Changed Everything – DevOps for Networking Could be Next

It’s an interesting time in networking, isn’t it? I can probably quote myself saying that for as long as I’ve been blogging and about a year before that. Supposedly 2015 is the year of POCs, bakeoffs, and seeing which startups continue to get funding, and which ones slowly dissolve. As we start to see who the winners and losers may be, I thought it would be good to highlight the last 7 years and where the major focus areas have been and see what could be next.

Hello OpenFlow!

By now, many of us know who Martin Casado is and what he’s done.  His PhD work, Ethane, at Stanford with Nick McKeown and team led to the pre 1.0 work of OpenFlow.  For the first several years of the network (r)evolution, it was all about OpenFlow.  By 2009, the phrase Software Defined Networking had emerged and referred to OpenFlow enabled architectures.  It was easy to understand.

  • As the industry chatter increased on OpenFlow architectures, hardware commoditization, and the de-coupling of the control plane and data plane, Casado had already started Nicira with McKeown and Shenker.
  • When limitations were seen on what Continue reading

Is Data Center Trilogy Package the Right Fit to Understand Long Distance vMotion Challenges?

A reader sent me this question:

My company will have 10GE dark fiber across our DCs with possibly OTV as the DCI. The VM team has also expressed interest in DC-to-DC vMotion (<4ms). Based on your blogs it looks like overall you don't recommend long-distance vMotion across DCI. Will the "Data Center trilogy" package be the right fit to help me better understand why?

Unfortunately, long-distance vMotion seems to be a persistent craze that peaks with a predictable period of approximately 12 months, and while it seems nothing can inoculate your peers against it, having technical arguments might help.

The Cost of DNSSEC

If you’re playing in the DNS game, and you haven’t done so already, then you really should be considering turning on security in your part of the DNS by enabling DNSSEC. There are various forms of insidious attack that start with perverting the DNS, and end with the misdirection of an unsuspecting user. DNSSEC certainly allows a DNS resolver to tell the difference between valid intention and misdirection. But there's no such thing as a free lunch, and the decision to turn on DNSSEC is not without some additional cost in terms of traffic load and resolution time. In this article, I'll take our observations from running a large scale DNSSEC adoption measurement experiment and apply them to the question: What’s the incremental cost when turning on DNSSEC?

Installing Chef Server, Client, and Node

I want to get Chef installed and running before we dive into all of the lingo required to fully understand what Chef is doing.  In this post we’ll install the Chef Server, a Chef client, and a test node we’ll be testing our Chef configs on.  That being said, let’s dive right into the configuration!

Installing Chef Server

The Linux servers I’ll be using are based on CentOS (the exact ISO is CentOS-6.4-x86_64-minimal.iso). The Chef server is really the brains of the operation. The other two components we’ll use in the initial lab are the client and the node, both of which interact with the server. So I’m going to assume that I’ve just installed Linux and haven’t done anything besides configuring the hostname, IP address, gateway, and name server (as a rule, I usually disable SELinux as well). We’ll SSH to the server and start from there…

The base installation of CentOS I’m running doesn’t have wget installed so the first step is to get that…

    yum install wget -y

The next step is to go to the Chef website and let them tell you how to install the server.  Browse Continue reading

Experimenting with Kernel-powered Open vSwitch and Docker

I've been thinking about running Docker on CoreOS and Project Atomic lately... While the deployment model would be pretty different to what we are used to, I have 50% of the work already done in docker-ovs so I was interested to see if my containers would work on a system with the Open vSwitch kernel module loaded...

As I'm a Mac User, I use boot2docker for all my docker-related things. It's also pretty easy to change the kernel config to allow the Open vSwitch module to be loaded.

  1. Install boot2docker

  2. Clone my fork

  3. git checkout openvswitch

  4. Build the iso

    docker build -t boot2docker . && docker run --rm boot2docker > boot2docker.iso
    
  5. Run boot2docker with the new iso

    boot2docker destroy
    boot2docker init --iso="`pwd`/boot2docker.iso"
    boot2docker up
    
  6. Load the Open vSwitch kernel module

    boot2docker ssh
    sudo modprobe openvswitch
    exit
    
  7. Run an Open vSwitch container

    docker run -t -i --privileged=true davetucker/docker-ovs:2.1.2 /bin/sh
    export OVS_RUNDIR=/var/run/openvswitch
    sed -i s/nodaemon=true/nodaemon=false/g /etc/supervisord.conf
    supervisord
    
  8. Test it out

    ovs-vsctl add-br br0
    ovs-vsctl show
    # This didn't work before
    ovs-dpctl show
    

This isn't a thorough test. I'd like to create some traffic and see the Continue reading

What Does SolarWinds Know About Your Applications?

In a Tech Field Day Extra briefing held at VMworld 2014, SolarWinds chatted with the delegation about the future of their product set. If you’re thinking of SolarWinds as that little company that does red light / green light and makes pretty meters that show network bandwidth utilization, you’ve lost track of what […]

[SDN Protocols] Part 3 – OVSDB

This entry is part 4 of 4 in the series SDN Protocols

Today, we will be discussing the Open vSwitch Database Management Protocol, commonly (and herein) referred to as OVSDB. This is a network configuration protocol that has been the subject of a lot of conversations pertaining to SDN. My goal in this post is to present the facts about OVSDB as they stand. If you want to know what OVSDB does, as well as does NOT do, read on.

I would like to call out a very important section, titled “OVSDB Myths”. I have encountered a lot of false information about OVSDB in the last year or so, and would like to address this specifically. Find this section at the end of this post.

If you’re new to OVSDB, it’s probably best to think of it in the same way you might think of any other configuration API like NETCONF, or maybe even proprietary vendor configuration APIs like NXAPI; its goal is to provide programmatic access to the management plane of a network device or software. However, in addition to being a published open standard, it is quite different in its operation from other network APIs.

Control vs Continue reading

Designing Networks for Selfish Users is Hard

‘On Earth Day in 1990, New York City’s Transportation Commissioner decided to close 42d Street, which as every New Yorker knows is always congested. “Many predicted it would be doomsday,” said the Commissioner, Lucius J. Riccio. “You didn’t need to be a rocket scientist or have a sophisticated computer queuing model to […]

The post Designing Networks for Selfish Users is Hard appeared first on Packet Pushers Podcast and was written by Orhan Ergun.

CORE Network Emulator 4.7: What’s New

The CORE Network Emulator development team released CORE version 4.7 in August 2014. I installed this new version of CORE on a newly-installed Linux 14.04 system and tested some of the new features.

In this post, I list the new features that are most relevant to researchers who use the CORE GUI to set up and run network simulations. I also list some of the defects that I found, along with workarounds.

Updates and New features

The following are the updates and new features most visible to users like me, who use the CORE GUI. There are many other updates and new features, so read the CORE 4.7 release notes to review all the changes in CORE 4.7.

Link effects

The CORE team made some major improvements to the way link effects are implemented. This alone is worth upgrading to CORE 4.7. The changes are:

  • Allow jitter to be configured on links
  • Link effects, such as delay and jitter, now can be configured between hub/switch and hub/switch connections (not just between routing nodes such as PCs and Routers).
  • Link effects can be configured or changed during runtime, after the simulation is started.
  • Allow Continue reading