400k Views in 4 Years – A Review of My Last 4 Years
Very often in our lives we are fully focused on what is going to happen in the
future. We rarely look back at what we have done and how we got to where we
are now. People that know me, know that I’m a very focused person that is always
looking to improve my skillset.
In July of 2010 I decided that I wanted to become a CCIE. I was a CCNP at that
time and I was working in a role where I did 2nd level support. I decided that
I wanted to blog to keep my notes for the CCIE online. I wrote my first blog
post on July 16, 2010. Today on August 16, 2014, almost four years later I passed
400k views on the blog. It’s been an amazing journey and here is a look back at
what has happened since then. This post is meant to be inspirational, to see
what can be accomplished in four years if you put your heart to it, please don’t
take it as boasting :)
For my CCIE studies I used INE workbooks, I decided that it would be good practice
to answer questions on their forums to keep Continue reading
CPUG, and The Risk of Single-Admin Communities
CPUG, a Check Point user forum, is near death. The owner has been forced to get rid of it, but rather doing a graceful handover, it has been shut down pending a possible sale. This is a great shame, and it highlights the risks of contributing to a forum controlled by a single person.
CPUG.org started out as an independent Check Point forum in around 2005. It was seeded with Phoneboy’s original FW–1 FAQs, and quickly became the premier independent source of Check Point information. If you had a Check Point problem, chances were you could get a quick answer there.
I used to do a lot of Check Point work, and so I knew a fair bit about it. I had the time, knowledge, and the desire to help the community, so I got involved with CPUG, and became a top contributor. I put a huge amount of effort into it over the years, and hopefully I helped solve a few people’s problems. I have moved away from contributing recently, for various reasons.
At its best, the forum was a fantastic resource, where many of the smartest people were working to help solve the trickiest issues. It became Continue reading
Host-MLAG: Don’t Let a Switch Bring Down Your Servers
How do you protect against failures in a data center? Selecting a stable location and using quality equipment is a good start.
But no matter how much you spend and how lofty the promises of the vendor, hardware does fail. And because systems do inevitably fail, redundancy is your friend when it comes to minimizing the impact of a failure. Systems have redundant power supplies and fans. The connections between systems are redundant. The systems themselves are redundant. And in some cases entire data centers are redundant in different geographical locations.
With the release of Cumulus Linux 2.2, there is now an open solution for redundant layer 2 top of rack, or ToR, switches. No longer will a single ToR switch failure take out your entire rack of servers. This is because Cumulus Linux 2.2 includes Host-MLAG, which allows servers to connect to redundant ToR switches using active-active LACP bonding. Some of the advantages of Host-MLAG include:
- Unlike a single ToR solution, with Host-MLAG, the failure of one ToR switch still provides full connectivity to all of the servers.
- With active-active connections to the ToRs, the bandwidth to and from the servers is doubled.
- Host-MLAG requires no special Continue reading
HP OMW: Still Kicking, But Only Just
A year ago I asked “Has HP Abandoned Operations Manager?” There had been no significant development for a long time, and the signs were that HP was moving away from OM to OMi.
Last week HP made a move that confirms my original thinking: It’s dead (it just doesn’t know it yet). HP released a Customer Letter announcing an extension to the “End of Committed Support” date, from December 31, 2016 to June 30, 2018:
HP is committed to providing the highest level of customer care to you while you determine your future strategy for your HP Operations Manager for Windows 9.0x & HP Operations Manager for Windows Basic Suite 9.1x products.
(emphasis mine)
That’s right, no new version announcement, just extending support for the current version. Implication: no new versions coming any time soon.
Applying a few volts to OMW 9.0
HP has released patches OMW_00185 and OMW_00187 for OMW 9.0. These include the usual bugfixes, and these enhancements:
- Web console enhancements resulting in feature parity with the MMC console while offering significant performance advantages
- Management Server platform support extension to Windows Server 2012 and Windows Server 2012 R2
- MMC Console Continue reading
Where is Metadata Anyway?
There is an emerging picture that while networks, and network operators, make convenient targets for various forms of national security surveillance efforts, the reality of today’s IP network’s are far more complex, and Internet networks are increasingly ignorant about what their customers do. The result is that it's now quite common for Internet networks not to have the information that these security agencies are after. Not only can moderately well-informed users hide their activities from their local network, but increasingly this has been taken out of the hands of users, as the applications we have on our smartphones, tablets and other devices are increasingly making use of the network in ways that are completely opaque to the network provider.Jr. Network Admin Willing to Work In Columbus, Ohio? Let’s Talk!
Carenection is where I currently work as the Senior Network Architect. We are looking for a Junior Network Administrator. If you’re an experienced network engineer with many years under your belt, this is not your opportunity. But if you’re just getting into the networking field and are looking for a position where you can learn […]
Author information
The post Jr. Network Admin Willing to Work In Columbus, Ohio? Let’s Talk! appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Free Custom Handwriting Font for Network Designs
I've made my own handwritten font for those moments when you are "sketching" network diagrams and it is free for you to use.
The post Free Custom Handwriting Font for Network Designs appeared first on EtherealMind.
Cisco Nexus L3 daughter card
One of my customer had an issue regarding a Nexus 5K and its L3 daughtercard. Everything was fine on the switch except that no adjacency could be performed with its neighbors. I gave a quick look at the licensing and all was all right : [crayon-55aea0d9aae5e703354181/] Then I checked that some L3 features are Up […]Cisco Cuts Another 6000 Jobs Q4 2014 – Should I Be Concerned ?
Cisco announced another 6000 job cuts in the Q4 2014 Results announcement yesterday in addition to the 5000 job cuts announced last quarter. Cisco has (or had) approx. 75000 employes so that’s a lot of jobs (more than 20%) in a short period of time and this leaves me pondering the impact to the products […]
The post Cisco Cuts Another 6000 Jobs Q4 2014 – Should I Be Concerned ? appeared first on EtherealMind.
Preliminary Book Topics
As I announced earlier this summer, I'm working on writing a book targeted to people entering the field of computer networking. I've got a fair amount of content fleshed out already, but figured it might help to get some feedback on the tentative structure. The book is being written in a question-and-answer style, organized into chapters by subject.
Below is the preliminary table of contents. It's still very much a work in progress, but I'm curious what people think of this approach. Constructive criticism and suggestions for additional content are welcome!
Internets of Interest – 13 August 2014
Collection of useful, relevant or just fun places on the Internets for 13 August 2014 and a bit commentary about what I've found interesting about them:
The post Internets of Interest – 13 August 2014 appeared first on EtherealMind.
Demystifying the IS-IS database
I’ve gone over the OSPFv2 and OSPFv3 databases in depth before. Now is the time for IS-IS. As always, I’ll start from a basic two router set up and add devices to the topology. Basic LSPs In OSPF we use the term LSA, Link-State Advertisement. In IS-IS we use the term LSP – Link-State PDUs. […]Rolling back to Maven 3.0.X on OSX (Homebrew)
The current version of Maven in Homebrew at the time of writing is 3.2.2
This is great... unless one of the plugins in your project doesn't support it and then you have to downgrade :(
Fortunately it's not too painful
brew uninstall maven
brew tap homebrew/versions
brew install maven30
@dave-tucker
Rolling back to Maven 3.0.X on OSX (Homebrew)
The current version of Maven in Homebrew at the time of writing is 3.2.2
This is great... unless one of the plugins in your project doesn't support it and then you have to downgrade :(
Fortunately it's not too painful
brew uninstall maven
brew tap homebrew/versions
brew install …Five Sinkholes of newGOZ
By Dennis Schwarz and Dave Loftus
It has been a few weeks since news broke of the Zeus Gameover variant known as newGOZ. As has been reported, the major change in this version is the removal of the P2P command and control (C2) component in favor of a new domain generation algorithm (DGA).
The DGA uses the current date and a randomly selected starting seed to create a domain name. If the domain doesn’t pan out, the seed is incremented and the process is repeated. We’re aware of two configurations of this DGA which differ in two ways: the number of maximum domains to try (1000 and 10,000) and a hardcoded value used (0×35190501 and 0x52e645).
Date based domain generation algorithms make for excellent sinkholing targets due to their predictability, and provides security researchers the ability to estimate the size of botnets that use them. With this in mind, we have gathered five days worth of newGOZ sinkhole data. Our domains are based on the first configuration, since this configuration seems to be used the most in the wild.
As with all sinkhole data, many variables can affect the accuracy of victims such as network topology (NAT and DHCP), timing, Continue reading
Introducing the Multicast “Dating Service” (aka the “RP”)
In February of 2001 I attended a 5 day multicast class within Cisco taught by none other than Beau Williamson! In both his book and during the class, he kept referring to the multicast rendezvous point (RP) as: “a meeting place for multicast receivers and senders (almost like a multicast dating service for multicast routers)” -Developing IP Multicast Networks, […]
Author information
The post Introducing the Multicast “Dating Service” (aka the “RP”) appeared first on Packet Pushers Podcast and was written by Denise "Fish" Fishburne.
Internet Touches Half Million Routes: Outages Possible Next Week
There was minor consternation in Internet engineering circles today, as the number of IPv4 networks worldwide briefly touched another magic “power of 2″ size limit. As it turns out, 512K (524,288 to be exact, or 2-to-the-19th power) is the maximum number of routes supported by the default TCAM configuration on certain aging hardware platforms.
The problem is real, and we still haven’t seen the full effects, because most of the Internet hasn’t yet experienced the conditions that could cause problems for underprovisioned equipment. Everyone on the Internet has a slightly different idea of how big the global routing table is, thanks to slightly different local business rules about peering and aggregation (the merging of very similar routes to close-by parts of the Internet address space). Everyone has a slightly different perspective, but the consensus estimate is indeed just under 512K, and marching higher with time.
The real test, when large providers commonly believe that the Internet contains 512K routes, and pass that along to all their customers as a consensus representation of Internet structure, will start later this week, and will be felt nearly everywhere by the end of next week.
Enterprises that rely on the Internet for delivery of Continue reading
Huawei Learning Website
Huawei is showing some signs of maturity in the Enterprise market with this Learning website offering free e-learning courses. Unfortunately, it’s seriously restricted to partners or some other weird criteria for membership. Entitlement E-Learning courses currently face to the following types of users: Huawei channel partners; Huawei Authorized Learning Partner(HALP) and the one who passed […]
The post Huawei Learning Website appeared first on EtherealMind.
A Training Class Where I Actually Learned Something
TL/DR – Canned labs never work for me.
Training for me has always been hit or miss. I have had better luck with in person classes than online training. I realize that everyone learns differently, so I suppose you pick the model that works best for you and hope you get your money’s worth out of it.
Back in June, I had the pleasure of attending the ClearPass Advanced Labs course at the Aruba headquarters out in Sunnyvale, CA. This was not a typical “class”. In fact, every time I referred to it as a “class”, I was reminded by the instructor that it was more of a workshop. The instructor was not there to teach you everything about ClearPass. Their job is to simply function as a proctor and help out when you got stuck on a particular issue. Yes, there was a slide deck, but it was VERY brief and just covered the goals of the day’s activities.
What Made It Different?
In short, the lack of step by step instructions. Many of the training classes I have attended consist of the following:
1. Death by Powerpoint
2. Canned labs
There’s no need to elaborate on the first Continue reading
What caused today’s Internet hiccup
Like others, you may have noticed some instability and general sluggishness on the Internet today. In this post we’ll take a closer look at what happened, including some of the BGP details!
At around 8am UTC Internet users on different mailing lists, forums and twitter, reported slow connectivity and intermediate outages. Examples can be found on the Outages mailing list company support site such as liquidweb and of course on Nanog.
How stable is the Internet
So how do we know if the Internet was really unstable today? One way to look at this is by looking at the outages visible in BGP over the last 12 months. On average we see outages for about 6,033 unique prefixes per day, affecting on average 1470 unique Autonomous Systems. These numbers are global averages and it’s worth noting that certain networks or geographical areas are more stable than others.
BGP stability and outages differ per country.
If we look at the number of detected outages by BGPmon today we see outage for 12,563 unique prefixes affecting 2,587unique Autonomous Systems. This is well above the daily average and indeed both the unique prefixes and the unique Autonomous Systems count are Continue reading