Unique RD per PE in MPLS VPN for Load Sharing and Faster Convergence

This post describes how load sharing and faster convergence in MPLS VPNs is possible by using an unique RD per VRF per PE. It assumes you are already familiar with MPLS but here is a quick recap.

The Route Distinguisher (RD) is used in MPLS VPNs to create unique routes. With IPv4, an IP address is 32 bits long but several customers may and probably will use the same networks. If CustomerA uses 10.0.0.0/24 and CustomerX also uses 10.0.0.0/24, we must in some way make this route unique to transport it over MPBGP. The RD does exactly this by prepending a 64 bit value and together with the IPv4 address, creating a 96-bit VPNv4 prefix. This is all the RD does, it has nothing to do with the VPN in itself. It is common to create RD consisting of AS_number:VPN_identifier so that a VPN has the same RD on all PEs where it exists.

The Route Target (RT) is what defines the VPN, which routes are imported to the VPN and the topology of the VPN. These are extended communities that are tagged on to the BGP Update and transported over MPBGP.

MPLS uses Continue reading

Setting Up Untangle NGFW in a GNS3 Environment.

Building on the premise set up in Lab Blueprint for CEH Aspirants or something gutsy to do on GNS3 !!. Let me introduce you to ( if you are

Headwinds, or Uphill?

As some of my readers know, I’ve done a fair bit of bike touring. Two of the challenges of bike touring are riding uphill, and riding into headwinds.

Riding uphill is tough. 2,300m passes in snow, or 3,200m passes in sunshine, it’s tough going. But you put your head down, and keep turning the pedals, because you know that eventually you will reach the top, and there will be a downhill reward.

Riding into headwinds is a different story. You can battle into headwinds for days, and never get any reward. It saps your energy, and you don’t know if or when it will ever end. The wind could just keep coming from that direction. I’ve gone to different countries just to avoid the wind in the past.

They’re both hard. But one of them has an end, and a reward. The other one can just keep on sucking away your will to live.

Applying it to Life

This applies to the rest of your life. The tricky bit is that sometimes you don’t know if you’re going uphill, or into the wind. Both of them feel hard, and you can’t always see the end in sight.

A Continue reading

ASA Discussion

Hello Everyone, There seems to be four major issues among the community. One of them is the ASA. I put together a brief discussion

Raspberry Pi RSPAN Capture Box

For some time I have had issues while doing captures such as finding the elusive “spare laptop” you can use, multiple trips out to the site to pick up the captures, or finding another NIC to put in there so you can connect remotely and copy the captures over the network, taking up 2 switch […]

Author information

Daniel Himes

Daniel Himes grew up in the country without power or running water, and yet somehow fell into IT, and from there into networking. He learned how to do his job by getting certifications till his resume looked like he is a Cisco salesman. Over at dhimes.com he has a few tools he came up with, however just a warning you’ll note on his linkedin page he makes no claim to being good at web-pages.

The post Raspberry Pi RSPAN Capture Box appeared first on Packet Pushers Podcast and was written by Daniel Himes.

I became CCIE# 46173

How does Internet work - We know what is networking

This is the story on how I became CCIE# 46173 To be honest, when I look back, I do not really know the main reason behind going through all this trouble, but I can tell you the story about how I did it. It’s mostly a thriller, and some drama towards the end. I will give you an overview of the whole process including the materials used, videos watched, books read and struggles that I went through. I think that is the right thing to do. This article is for all of you out there who are still trying to study for this exam and need some suggestions.

I became CCIE# 46173

Pick a Topic for NSX Deep Dive Software Gone Wild Episode

Dmitri Kalintsev, one of the networking guys from VMware NSX team, has kindly agreed to do an NSX technical deep dive Software Gone Wild episode… and you have the opportunity to tell him what you’d like to hear. It’s as easy as writing a comment, and we’ll pick one of the most popular topics.

Do keep in mind that we plan to do a technical deep dive, and it has to fit within an hour or so or nobody will ever listen to it, so please keep your suggestions focused. “Troubleshooting NSX”, “NSX Design”, or “NSX versus ACI ” is not what we’re looking for ;)

Network Field Day 9

I had a fantastic time at Network Field Day 8, and now I’ve been lucky enough to be invited back to NFD9 this February.

As usual, the Tech Field Day crew have put together a great mix of vendors. I particularly like the look of the SDN WAN-focused vendors, such as VeloCloud and cloudgenix. Much of the early SDN focus has been on the DC use-case, but that has limited applicability in my local market. SDN WAN solutions definitely apply to the New Zealand market though. I can think of several organisations where I’d love to have better WAN options today.

I’m also very happy to see Cumulus Networks making a first appearance. I’ve done a lot of Linux work during my career, and there’s many times I would have loved to have all the capabilities of a GNU/Linux environment on a switch. I think they will have a huge influence on how Network OSes are delivered in future.

Network Management has always been a large part of my career too, so I’m looking forward to hearing updates from SolarWinds, and to find out more about NetBeez.

There’s some old faces and new attending. I’m looking forward to meeting people who I’ve Continue reading

Show 220 – OpenFlow + Table Type Patterns with Curt Beckmann

Curt Beckmann, CTO for EMEA at Brocade, joins Packet Pushers Ethan Banks & Greg Ferro for an update of what’s been going on with the Forwarding Abstractions Working Group (FAWG) at the Open Networking Foundation (ONF). We get into a discussion of emerging Table Type Patterns within OpenFlow (OF), a way for OF switches and OF […]

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post Show 220 – OpenFlow + Table Type Patterns with Curt Beckmann appeared first on Packet Pushers Podcast and was written by Ethan Banks.

On-going BGP Hijack Targets Palestinian ISP

It’s a new year, but some things never change. In the past few days we have observed a spate of incidents of routing misbehavior including two man-in-the-middle routing hijacks conducted in the past couple of days by A2B Internet out of the Netherlands.

Beginning at 00:33:44 UTC on Thursday, 8 January, we began observing a routing hijack of IP address space normally announced by Mada Telecom (AS51047), a Palestinian ISP with presence in both Gaza and the West Bank. Beginning at that time, A2B Internet B.V. (AS51088) began announcing 46.244.81.0/24, which is a more-specific route of 46.244.80.0/23, normally announced by Mada.

Traceroutes directed to this address space are presently being re-directed to A2B Internet’s network in the Netherlands before continuing on to Palestine. For example:



trace from Cyberjava, Malaysia to Mada Telecom, PS on Jan 09, 2015

1                                                              *

2  x.x.x.x         (Cyberjaya, Malaysia)                   3.442

3  113.23.163.57   (Extreme Broadband, Malaysia)           0.696

4  113.23.190.109  (Extreme Broadband, Malaysia)           1.222

5  218.189.12.101  global.hgc.com.hk                      35.854

6  218.189.8.102   global.hgc.com.hk                      36.742

7  118.143.224.243 (Hutchison, Singapore)                 41.628

8  218.189.8.142   (Hutchison, Amsterdam)                190.787

9  195.219.150.6   (Tata, Amsterdam, NL)                 213.494

10 46.244.0.4      (A2B Internet, NL)                    200.990

11 141.136.97.5    (GTT, Amsterdam)                      268.366

12 4.68.70.97      xe-5-0-1.edge3.Amsterdam.Level3.net   300.909

13 4. Continue reading

iPexpert’s Newest “CCIE Wall of Fame” Additions 1/09/2015

Please Join us in congratulating the following iPexpert client who has passed his CCIE lab!

This Week’s CCIE Success Stories

Srikanth Navuluri, CCIE #45896 (Routing & Switching)
Rodrick Burke, CCIE #46154 (Wireless)
Bradley Lierman, CCIE #46093 (Collaboration)
Lee Ramirez, CCIE #46113 (Wireless)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Plexxi Pulse—Networking Predictions: 2015 Edition

Happy New Year! The year is off to a great start and we are excited to see what 2015 will bring to the networking space. I have a few predictions of my own (think policy and disaggregation) that were recently published in Network World. What are your networking predictions for 2015? Below are our top picks for networking stories this week.

In this week’s PlexxiTube #FBF (Flashback Friday) video of the week, Dan Backman interviews VMworld 2014 attendees and asks what they’ve done to help their networks accommodate to Big Data.

Network World: SDN, data center predictions for 2015
By Jim Duffy
The predictions for data center and SDN in 2015 are still rolling in. Technology Business Research says software will pervade the data center while start-up Plexxi believes policy and disaggregation will be front and center. Here’s the link to TBR’s 2015 Data Center Predictions. Some of the more interesting prognostications in it are the acceleration of SDN in the enterprise and the ability of hyperconvergence to converge.

Network Computing: 10 SDN Startups On The Cutting Edge
By Marcia Savage
Small companies flush with VC money have led the way in software-defined networking. Here are 10 of the hottest Continue reading

Mikrotik L2TP with IPsec for mobile clients

I got some questions about how to configure Mikrotik to act as L2TP Server with IPsec encryption for mobile clients. I know this is not exactly in the line of this blog oriented on enterprise networks, but it’s network technology in the end so I’ll try to cover it here.

CCIE R&S,SP,Wireless,Collaboration,Datacenter,Security Preparation Recommendations

Orhan Ergun and Neil Moore talked about CCIE Preparation on the packetpushers podcast. Neil Moore is only 8xCCIE in the world and well known geek and HP fellow. Which exam is the hardest ? What are their advises ? Which certification should be received first, what should be the order ? CCIE vs […]

The post CCIE R&S,SP,Wireless,Collaboration,Datacenter,Security Preparation Recommendations appeared first on Network Design and Architecture.

Palo Alto Virtual Firewalls on Software Gone Wild

One of the interesting challenges in the Software-Defined Data Center world is the integration of network and security services with the compute infrastructure and network virtualization. Palo Alto claims to have tightly integrated their firewalls with VMware NSX and numerous cloud orchestration platforms - it was time to figure out how that’s done, so we decided to go on a field trip into the scary world of security.

Book Review – End-to-End QoS Network Design: Quality of Service for Rich-Media & Cloud Networks, Second Edition

As part of my CCDE studies, I needed a good resource on QoS. There have basically been two good books on QoS before, the first edition of End to End Qos Network Design and Qos-Enabled Networks: Tools and Foundations. The first edition of this book is good but very dated, it was released back in 2004. Qos-Enabled Networks is a great book but it’s written to not be vendor specific, so you will not get details on platforms or configuration snippets.

In my opinion, earlier books gave a good foundation to understand QoS concepts but there were too few design cases, they were lacking platform information and not enough examples to be able to act as a reference. Since the first edition of this book, a lot has happened, new products and new Places In the Network (PIN) such as Datacenter, Wireless and to some degree MPLS.

The book is written by Tim Szigeti, Christina Hattingh, Robert Barton and Kenneth Briley Jr. Tim is a long time CCIE, technical leader at Cisco. He is the QoS gury responsible for a lot of the Cisco Validated Designs (CVDs) and a frequent presenter at Cisco Live. Christina is a former Technical Marketing Continue reading

Networking FAQ 2: Certifications

Continue reading · No comments

Problems with kvm-ok in VIRL with VMWare Player

I'm installing Cisco VIRL, and despite following the instructions regarding nested virtualization settings, the kvm-ok command was still complaining. I needed to edit the .vmx file for the VIRL VM and add/edit the following:

monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
vhv.enable = "TRUE"
monitor_control.restrict_backdoor = "true"

Problems with kvm-ok in VIRL with VMWare Player

monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
vhv.enable = "TRUE"
monitor_control.restrict_backdoor = "true"

It’s the logical flow that matters!

Yes, kind of like the phrase “It’s the economy stupid” from the 1992 presidential campaign. As we ramp up to the

« Previous 1 … 3,231 3,232 3,233 3,234 3,235 … 3,411 Next »

Archive

Applying it to Life

Author information

Author information

This Week’s CCIE Success Stories

We Want to Hear From You!