[SDN Protocols] – New Series
The networking industry in the last few years has seen an explosion in buzzwords, slide decks, new technologies, and SDN product announcements. The honest truth is that the networking industry is still in a great state of flux, as we collectively discover what SDN means to us. There’s a lot of new terms floating around, and what makes things even harder to keep up with, the marketing engines are alive and well - muddying the waters, and making it nearly impossible to get technical facts straight.[SDN Protocols] – New Series
The networking industry in the last few years has seen an explosion in buzzwords, slide decks, new technologies, and SDN product announcements. The honest truth is that the networking industry is still in a great state of flux, as we collectively discover what SDN means to us. There’s a lot of new terms floating around, and what makes things even harder to keep up with, the marketing engines are alive and well - muddying the waters, and making it nearly impossible to get technical facts straight.Want Better Wi-Fi!
I talk to thousands of people every year that are wanting. They want bigger homes, more relations, bosses without attitudes, faster cars, and more powerful firearms. While a seemingly random list, one “want” at the top of almost everyone’s list...My Private Cloud Block Architecture Diagram
Here is a block diagram showing the functional areas in private & public cloud that I use when working with clients. I'm often explaining the full picture of cloud building especially in relation to how the network can be orchestrated to fully accelerate the cloud process. I hope you find it useful.
The post My Private Cloud Block Architecture Diagram appeared first on EtherealMind.
VMware bug: inconsistent LACP views
There is a bug which makes LACP related views inconsistent. Latest 5.5U1 vCenter is still affected Create a LAG interface (dvSwitch -> Settings -> LACP): Now open the “Migrate network traffic to LAGs” and enable lag1 interface as standby port (Manage Distributed Port Groups -> Teaming and failover -> select the port group): Let the process […](Visited 163 times since 2013-06-04, 1 visits today)
NetDevOps – The Journey Begins
The cultural divide between delegation of network control such as in the case of Cisco ACI, or VMware’s NSX is a cause for questioning. These are off the shelf products designed to solve a problem that exists today but introduce new problems to the organisations that acquire them. Who controls the network and at what stratum(1)? In the case of automation and orchestration products, who creates the templates? Who is allowed to trigger automation and orchestration events and even more importantly, when is that person allowed to do it? As the virtual networks are virtual, does control belong with the virtualisation team? Hrmmm. Lots of questions. Many of these are dependent on the company, customer and situation and might not be solved with the most marketed product. A regimented set of answers doesn’t exist, nor do I think there will ever be out of hyper scale data centre environments.
It has taken years for the DevOps community to understand how to handle the requirement of rapid and agile deployment. We’re not the first ones to go through this pain. Can you imagine a tightly controlled ITIL governed network suddenly being comfortable with partial or fully automated approach to network Continue reading
802.1x on Cisco Catalyst 2950
A very short post about 802.1x (dot1x) on Cisco Catalyst 2950 series. Configure RADIUS and enable dot1x on the switch: aaa authentication dot1x default group radius aaa accounting dot1x default start-stop group radius dot1x system-auth-control Then enable dot1x on all interfaces (additional security commands are added in the example below): interface FastEthernet0/1 switchport mode access […](Visited 179 times since 2013-06-04, 1 visits today)
Coffee Break 12
The Coffee Break will be renamed to the "The Network Break" and will be getting its own channel on the Packet Pushers Network. But for this week, we talk about the latest news in networking and physical infrastructure.Coffee Break 12
The Coffee Break will be renamed to the "The Network Break" and will be getting its own channel on the Packet Pushers Network. But for this week, we talk about the latest news in networking and physical infrastructure.
Author information
The post Coffee Break 12 appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Coffee Break 12
The Coffee Break will be renamed to the "The Network Break" and will be getting its own channel on the Packet Pushers Network. But for this week, we talk about the latest news in networking and physical infrastructure.
The post Coffee Break 12 appeared first on Packet Pushers.
CCIE Bootcamp Price Reduction
INE is reducing the cost of our live, instructor-led bootcamps by $1,000 each. Our new pricing model will still include access to our workbooks and ATC video courses with the purchase , but will separate out the Lab Exam Voucher and access to our All Access Pass as optional add-ons to provide you with a more flexible options for both your learning style and your budget. If you would like the existing complete, bundled solution, you have until Aug 1 to make a bootcamp purchase.
See this advert for more details.
Look forward to seeing you in a bootcamp soon!
Working with VMware NSX – The setup
I’ve spent some time over the last few weeks playing around with VMware’s NSX product. In this post, I’d like to talk about getting the base NSX configuration done which we’ll build on in later posts. However, when I say ‘base’, I don’t mean from scratch. I’m going to start with a VMware environment that has the NSX manager and NSX controllers deployed already. Since there isn’t a lot of ‘networking’ in getting the manager and controllers deployed, I’m not going to cover that piece. But, if you do want to start from total scratch with NSX, see these great walk through from Chris Wahl and Anthony Burke…
Chris Wahl
http://wahlnetwork.com/2014/04/28/working-nsx-deploying-nsx-manager/
http://wahlnetwork.com/2014/05/06/working-nsx-assigning-user-permissions/
http://wahlnetwork.com/2014/06/02/working-nsx-deploying-nsx-controllers-via-gui-api/
http://wahlnetwork.com/2014/06/12/working-nsx-preparing-cluster-hosts/
Anthony Burke
http://networkinferno.net/installing-vmware-nsx-part-1
http://networkinferno.net/installing-vmware-nsx-part-2
http://networkinferno.net/installing-vmware-nsx-part-3
Both of those guys are certainly worth keeping an eye on for future NSX posts (they have other posts around NSX but I only included the ones above to get you to where I’m going to pick up).
So let’s talk about where I’m going to start from. My topology from where I’ll start looks like this…
Note: For reference I’m going to try and use the green Continue reading
Priority Queue – SDN and The Reseller Channel
What is the future of SDN Vendors ? Will all the startups eventually close down to just a few choices or can there be a vibrant ecosystem which can allow for many vendors to survive ? The discussion took a left turn and became an strong discussion of whether resellers will survive the arrival of SDN.
Author information
The post Priority Queue – SDN and The Reseller Channel appeared first on Packet Pushers Podcast and was written by Greg Ferro.
How to run X applications on a guest VM in the cloonix network simulator
To run a program that uses a graphical user interface on a guest virtual machine running in the cloonix open-source network simulator, log into the guest VM from the host computer using SSH and forward the X11 display. Then, any X11 program you run on the guest VM using that SSH session, such as Wireshark, will display its X windows on the host computer.
Initial setup
First, we create a cloonix network simulation with at least one guest VM. In this example, we created three guest VMs named Cloon1, Cloon2, and Cloon3.
A cloonix network simulation with three guest VMs
See previous posts related to using cloonix, if you need help setting up the example network.
Connect to guest VM via SSH
Open a new terminal window on the host computer. We do this so we can run X windows from the guests on the host. As discussed in the Cloonix v24 overview post, cloonix uses a patched version of the Dropbear SSH client so we use the dbssh command that is installed in the cloonix tree directory, ~/Netsims/cloonix-24.11.
The Dropbear SSH client automatically forwards X windows from the client machine to the server machine so Continue reading
My CCIE Journey
I use to post this blog on my friends blog and I just wanted to put it here since this journey was one of the biggest professional experience of my life. I am starting this blog and will dedicate some time (mostly late at night ..) to write articles (without any flashiness) for every engineers […]Cisco Virtual IOS on GNS3
The tutorial discuss the use of GNS3 software to run Cisco Virtual IOS (vIOS). Cisco vIOS is shipped and supported as a part of the Cisco's One Platform Kit (onePK) that is distributed in form of virtual machine. It might be downloaded with Cisco.com account. Currently, it is not required to have Cisco account associated with service contracts, Bill-to IDs, or product serial numbers in order to download onePK.
Software Prerequisites
- Host OS - any 64 bit Linux OS
- Qemu emulator and virtualizer compiled with x86_64 support
- KVM
- GNS3 0.8.7 - the last version that has Qemu support included
- Cisco all-in-one-VM-1.2.1-194.ova virtual machine
Minimum Hardware Requirements
- CPU with hardware virtualization support (AMD-V or VT-X virtualization extensions)
- Storage - 10 GB
- RAM - 2000 MB
- RAM vIOS - 384 MB
Script for Extracting vIOS from All-In-One VM
Here is a Linux bash script that helps you to extract vIOS vios-adventerprisek9-m.vmdk from all-in-one VM file. Download all-in-one.ova file from here and assign executable privileges to the script.
$ chmod +x extract_vios.txt
Then you can run the script as it is shown below. The only user input is selecting path to all-in-one VM file Continue reading
Mellanox and bad CLI choices
I’ve been working on Mellanox S-Series switches lately in a largish network with several hundred 10GbE server ports. On the whole, the product has performed beyond my cynically low expectations and the product has good capabilities overall but the command line interface (CLI) is a really poor user experience. How about this gem for configuring […]
The post Mellanox and bad CLI choices appeared first on EtherealMind.
Port mirroring on VMware vSwitch/dvSwitch (dvMirror)
Port mirror is a traditional features available on physical switch to capture port traffic and redirect to a remote destination. A remote destination can be (using the Cisco convention): A physical port located on the same physical switch (Switch port Analyzer or SPAN port). The traffic is simply copied to the destination port too. A physical port […](Visited 433 times since 2013-06-04, 5 visits today)
Security Dessert Models
I had the good fortune last week to read a great post from Maish Saidel-Keesing (@MaishSK) that discussed security models in relation to candy. It reminded me that I’ve been wanting to discuss security models in relation to desserts. And since Maish got me hungry for a Snicker’s bar, I decided to lay out my ideas.
When we look at traditional security models of the past, everything looks similar to creme brûlée. The perimeter is very crunchy, but it protects a soft interior. This is the predominant model of the world where the “bad guys” all live outside of your network. It works when you know where your threats are located. This model is still in use today where companies explicitly trust their user base.
The creme brûlée model doesn’t work when you have large numbers of guest users or BYOD-enabled users. If one of them brings in something that escapes into the network, there’s nothing to stop it from wreaking havoc everywhere. In the past, this has caused massive virus outbreaks and penetrations from things like malicious USB sticks in the parking lot being activated on “trusted” computers internally.
A Slice Of Pie
A more modern security Continue reading
IOU Web Interface 1.2.2-23
iou-web is released “as-is” without warranty of any kind. iou-web does not include any Cisco IOU/IOL binaries or other materials under Cisco NDA. I’m not responsible for what you do with iou-web software. I DON’T OWN NOR HAVE ACCESS TO TOPOLOGY, INITIAL CONFIGS, IOU/IOL BINARIES OR ANY OTHER MATERIAL UNDER CCIE EXAM NDA OR COPYRIGHTED […](Visited 1,429 times since 2013-06-04, 6 visits today)