Category Archives for "Networking"

Open vSwitch performance monitoring

Credit: Accelerating Open vSwitch to “Ludicrous Speed”
Accelerating Open vSwitch to "Ludicrous Speed" describes the architecture of Open vSwitch. When a packet arrives, the OVS Kernel Module checks its cache to see if there is an entry that matches the packet. If there is a match then the packet is forwarded within the kernel. Otherwise, the packet is sent to the user space ovs-vswitchd process to determine the forwarding decision based on the set of OpenFlow rules that have been installed or, if no rules are found, by passing the packet to an OpenFlow controller. Once a forwarding decision has been made, the packet and the forwarding actions are passed back to the OVS Kernel Module which caches the decision and forwards the packet. Subsequent packets in the flow will then be matched by the cache and forwarded within the kernel.

The recent Open vSwitch 2014 Fall Conference included the talk, Managing Open vSwitch across a large heterogeneous fleet by Chad Norgan, describing Rackspace's experience with running a large scale OpenStack deployment using Open vSwitch for network virtualization. The talk describes the key metrics that Rackspace collects to monitor the performance of the large pools of Open vSwitch instances.

Time For A Data Diet?

I’m running out of drive space. Not just on my laptop SSD or my desktop HDD. But everywhere. The amount of data that I’m storing now is climbing at an alarming rate. What’s worse is that I often forget I have some of it until I go spelunking back through my drive to figure out what’s taking up all that room. And it’s a problem that the industry is facing too.

The Data Junkyard

Data is accumulating. You can’t deny that. Two factors have led to this. The first is that we now log more data from things than ever before. In this recent post from Chris Evans (@ChrisMEvans), he mentions that Virgin Atlantic 787s are generating 500GB of data per flight. I’m sure that includes telemetry, aircraft performance, and other debugging information that someone at some point deemed crucial. In another recent article from Jacques Mattheij (@JMattheij), he mentions that app developers left the debug logging turned on, generating enormous data files as the system was in operation.

Years ago we didn’t have the space to store that much data. We had to be very specific about what needed to be

Python and MySQL

Let me preface this post by stating I am not a database expert. I use them occasionally now and then. The below post probably doesn’t show best practices. If you have any suggestions feel free to comment. Over the weekend I’ve been testing various ways for me to store, update, and retrieve data from a […]

Infographic: SDN’s Pulse Among Service Providers

by Steve Harriman, VP of Marketing - January 6, 2015

As Howard Baldwin recently wrote in InfoWorld, the lure of new enterprise technology is great, but then comes the inevitable uncertainty about how in the world to manage it. The backdrop for his comment is the service provider survey we conducted last month at the SDN/MPLS International Conference in Washington, D.C.  As the infographic below shows, production deployment of SDN is way up among service providers, but nearly all are concerned about management.

Baldwin concludes his article by pointing out that although SDN holds great promise for automating and managing WAN operations, traditional management tools, processes, and standards will not work. The good news, he says, is that “…IT is not only being liberated from hardware-specific configuration, it’s also being liberated from hardware-specific management. In other words, you’ll be able to manage devices the way you want to, not the way the application dictates.”

Right now that’s more of a hope than a concrete solution. At Packet Design, we have made some headway on our concept of a Network Access Broker. See our conceptual demo here: http://www.packetdesign.com/blog/network-access-broker-conceptual-demo

Hello 2015!

Hard to believe 2014 is gone and 2015 is here! Yea I know we are already a few days into 2015 but hey for some reason I still hear people saying “Happy New Year”, much like I still see Christmas decorations out. So what’s in store for 2015!? Well we are going to […]

PQ Show 40 – HP Networking – Multi Service Routers (HP MSR)

This is a continuation of the sponsored series of shows we recorded at the HP Discover Barcelona conference in December 2014. An interesting facet of HP Discover to me was meeting smart HP folks at random. Sue Darte is such a person I was lucky enough to bump into. Here’s the story. While waiting to record a […]

Author information

Ethan Banks

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post PQ Show 40 – HP Networking – Multi Service Routers (HP MSR) appeared first on Packet Pushers Podcast and was written by Ethan Banks.

OpenFlow integration

Northbound APIs for traffic engineering describes how sFlow and OpenFlow provide complementary monitoring and control capabilities that can be combined to create software defined networking (SDN) solutions that automatically adapt the network to changing traffic and address high value use cases such as: DDoS mitigation, enforcing black lists, ECMP load balancing, and packet brokers.

The article describes the challenge of mapping between the different methods used by sFlow and OpenFlow to identify switch ports:
  • Agent IP address ⟷ OpenFlow switch ID
  • SNMP ifIndex ⟷ OpenFlow port ID
The recently published sFlow OpenFlow Structures extension addresses the challenge by providing a way for switches to export the mapping as an sFlow structure.

Open vSwitch recently implemented the extension, unifying visibility and control of the virtual network edge. In addition, most physical switches that support OpenFlow also support sFlow. Ask vendors about their plans to implement the sFlow OpenFlow Structures extension since it is a key enabler for SDN control applications.

A Look Ahead to Packet Pushers Content in 2015

Here’s an update on some Packet Pushers news, and a look ahead to the content we’re planning for 2015. No scary announcements, just some thoughts to share. Circling Back Around On Show 200 I think we’ve mentioned it before, but the response we received to show 200 was very encouraging to us. That’s understated. You really blew […]

The post A Look Ahead to Packet Pushers Content in 2015 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Get ready to replace datacenter appliances with telco services

This column is available in a weekly newsletter called IT Best Practices. As 2014 drew to a close, Network World contributor Steve Alexander proclaimed 2015 to be the year that Software Defined Networking (SDN) and Network Functions Virtualization (NFV) go mainstream. Calling them "transformative technologies," Alexander expects enterprises to consume services from telcos and other service providers instead of buying traditional data center hardware appliances.

Continuous Integration Pipeline for Networking

This entry is part 3 of 3 in the series DevOps for Networking

Popular development methodologies like Continuous Integration are usually accompanied by some kind of automated workflow, where a developer checks in some source code, which kicks off automated review, testing, and deployment jobs. I believe the same workflows can be adopted by network engineers.

Let’s say you are the Senior Network Engineer for your entire company, which boasts a huge network. You don’t have time to touch every device, so you have a team of junior-level network engineers that help you out. Let’s say you want to offload the creation/deletion of DHCP reservations to these junior engineers, but you still want to be able to approve all changes, just as a last line of defense, and a sanity check.

For this, I’m going to show you how I’m managing my own home DHCP server (ISC) with Gerrit, Jenkins, and Ansible.

Config Review and Versioning with Git and Gerrit

I mentioned in a previous post that version control is an important component of efficiently managing network infrastructure. I’m going to take it a step further than what most are doing with RANCID, which is traditionally used at the end of a

On Losing

When I got off the phone, I knew I’d blown it. I’d gotten so wrapped up in the discussion on eVPNs that I might have crossed over that magical line between, “this is a really neat technology,” to, “this technology will solve world hunger.” It brought back to mind my first “real fight” in the world of technology, a long ago argument between two network operating systems (Novell Netware and Banyan Vines).

At the time, I was a buck sergeant in the USAF assigned to the Small Computer Support Office. We were building a new base backbone, and trying to decide what network operating system to standardize on as an organization (as a base). The decision had come down to two options — Novell Netware and Banyan Vines. I was in the camp that wanted Vines. In fact, I’d written two papers (long’ish, on the order of 80 pages each), going through the positives and negatives in each direction. I’d been to a number of meetings, and we had small networks set up running both in our lab. In the end, though, I lost. The technology I was advocating for wasn’t chosen by “the powers that be,” and so

CheckPoint, Watchguard earn top spots in UTM shootout

When it comes to unified threat management appliances aimed at the SMB market, vendors are finding a way to fit additional security features into smaller and more powerful appliances. In 2013, we looked at nine UTMs. This time around we reviewed six products: the Calyptix AccessEnforcer AE800, Check Point Software’s 620, Dell/Sonicwall’s NSA 220 Wireless-N, Fortinet’s FortiWiFi-92D, Sophos’ UTM SG125 and Watchguard Technologies’ Firebox T10-W. (Cisco, Juniper and Netgear declined to participate.) We observed several megatrends across all the units that we tested:

BGPSEC: Signatures and Performance

BGPSEC is a set of BGP extensions being developed by the SIDR working group of the IETF to improve the security of the Internet’s routing infrastructure. So far in this series, we’ve looked at the basic operation of BGPSEC, the protections offered, and then the first set of performance issues — how do we prevent […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about — or don't really care about. You can find Russ at 'net Work, the Internet Protocol Journal, and his author page on Amazon.

The post BGPSEC: Signatures and Performance appeared first on Packet Pushers Podcast and was written by Russ White.

BGP Deaggregation with Conditional Route Injection

Whenever there’s a weird request to do something totally illogical with BGP, there’s a knob in Cisco IOS to get it done (and increase the heartburn of CCIE candidates). Conditional Route Injection (the ability to insert more specific prefixes into BGP without having them in the IP routing table) is one of them.

Keep in mind: being a MacGyver is not a long-term strategy. Just because you can doesn’t mean that you should.
