Not All IP Addresses are the Same
One IP address is much the same as another - right? There's hardly a difference between 192.0.2.45 and 192.0.2.46 is there? They are just encoded integer values, and aside from numerological considerations, one address value is as good or bad as any other - right? So IP addresses are much the same as each other, and an after-market in IP addresses should be like many other markets in undistinguished commodity goods. Right? Wrong!Book Review: Software Defined Networks
Software Defined Networks Thomas D. Nadeau and Ken Gray If you’ve been trying to find a good, solid, introduction to network programmability, you need look no farther than Software Defined Networks. While the authors do include a good bit of information that’s outside the field of network programmability, overall this is about the best overview […]
Author information
Automation : Not Just Marketing Fluff
Regardless of where you stand on the future of data networks and SDN and the prevailing idea that dust made from ground up rainbows will be powering our pipes – there is something that I believe is being overlooked and should definitely be addressed. There is a rate of unprecedented change going on in the […]
Author information
The post Automation : Not Just Marketing Fluff appeared first on Packet Pushers Podcast and was written by Edward Henry.
A Networking View of the VMware NSX Platform: Right Problem. Wrong Answer
What a week it has been.
I just spent four long, albeit highly productive days at VMworld 2013 in San Francisco speaking openly with customers, press, analysts and partners. The user conference, now in its tenth year, set a record for attendees with more than 23,000 and we were never without a steady stream of customers and prospects coming to our booth for a demo. Through the hundreds of conversations we had during the week, we found a few recurring themes and questions that bubbled up.
At this year’s VMworld, VMware unveiled a number of new and repackaged products for compute, storage, management and networking, eliminating any possible question about their desire to take over the data center world. What seemed to garner the majority of attention from the wave of press releases was the VMware NSX Network Virtualization Platform. It prompted a ton of questions from visitors to our booth about what it is, what we think of it and how we compete with it (I won’t even get into how many times we were asked: Why do you think Cisco isn’t a partner for NSX?).
There are so many things that need to be discussed Continue reading
More Snowden Media Douchebaggery
I previously wrote a post in response to an article that equated Snowden’s CEH certification to James Bond’s “license to kill.” Well, it looks like some technically-challenged media types are at it again. They’ve called Snowden “brilliant” for his ability to “impersonate” users on various systems in order to obtain certain documents and I felt […]
Author information
The post More Snowden Media Douchebaggery appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Securing a DMVPN spoke – Part 1
For organizations that have many remote offices a DMVPN solution is a great option. You can purchase a cheap DSL or cable modem based solution then establish a dynamically built encrypted tunnel back to the corporate office or Data Center(s). The hubs should be located in a DMZ behind a firewall at the Data Center […]
Author information
The post Securing a DMVPN spoke – Part 1 appeared first on Packet Pushers Podcast and was written by Charles Galler.
You Don’t Have To Hit The Ball Out Of The Park To Hit A Home Run
When planning your career you need to make several path choices. A career direction, the right attitude, respect for co-workers are all easy. Some people forget that everyday work is part of taking a single step down that path, tomorrow you will take another couple of steps and again the day after. But some people […]
Author information
The post You Don’t Have To Hit The Ball Out Of The Park To Hit A Home Run appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Turning BIND DNS Management Into A Walk In The Park
DNS needs no introduction in today’s inter-networked, connected world. Though it could be a service the end-users are least aware of, it is one that the network administrator needs to keep an eye on and requires constant monitoring and management to ensure uptime and connectivity. It is DNS servers that help with resolving those easy-to-remember […]
Author information
The post Turning BIND DNS Management Into A Walk In The Park appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.
The Battle for the Top of the Rack
The Battlefield between Sysadmin and Netadmin
The fight for control between sysadmin and network admin has been going on for decades but the boundary line had been pretty static. Anything that ran a full OS and was a end node was is a server is under server ops while anything that connected the servers together was a network device and was under the control of network operations.
If you look at the progression of the two side through the last two decades, you will realize that the server and server OS have gone through change after change with new software packaging system, virtualization, density of servers per rack, and so on while the networking technology has remained pretty static other than speed and feeds and some tagging protocols. While the server admin kept reinventing himself through open source, virtualization, six nine uptime, the network got split into three distinct category (forgive me Gartner for gross simplification):
- The Datacenter Networking: The heavy lifting being done by the server ops and running applications and virtual machine the most critical need, the network admin tended to come in the way and exerted control via IP address and VLAN management. The network services which Continue reading
Video interview: Network Virtualization and VMware NSX
Video interview at VMworld 2013 on network virtualization, VMware NSX, and why it’s awesome: Summary New virtual network abstraction Complete with switching, routing, security, load balancing, and more Non disruptive, works on existing hardware Deploy virtual networks like you deploy virtual machines Realize the full potential of virtualization Cheers, BradAdministrative Distance for Static Route is 1 or 0?
How does the internet work - We know what is networking
There are different documents and books which are claiming that Administrative distance for static routes configured using exit interface is 1 and for the static route configured using next-hop IP address Administrative distance is 0. R1(config)#ip route 20.0.0.0 255.255.255.0 10.10.2.1 R1(config)#ip route 20.0.0.0 255.255.255.0 fastEthernet 0/0 This is not true. Both of them are having AD […]
Difference between defining static routes with next-hop address or exit interface
How does the internet work - We know what is networking
There were a bit of confusion in my head about this case. It was not clear to me what is the difference between setting the static route using next hop interface IP address or using exit interface syntax. It seems that both methods are the same and that you have basically two different ways to […]
Difference between defining static routes with next-hop address or exit interface
Why ‘your’ project was outsourced
It’s easy to get upset when that cool new project you wanted is outsourced to an external VAR. The conversation usually goes something like, “You know the existing network and services really well so we’re going keep focused there. We’re going to engage ACME systems integrators for ‘project awesome’ and get them to give that […]
Author information
The post Why ‘your’ project was outsourced appeared first on Packet Pushers Podcast and was written by John Harrington.
Quiz #18 – Cisco vs. Juniper – Filtering ICMP between BGP Peers
Your company uses multi-vendor routing platforms (Cisco and Juniper) and has multiple sites connected via MPLS from a service provider. Each remote site has a GRE tunnel with the Headquarter (HQ) and a BGP session over this tunnel. After some security change in the network, sites that are Juniper-based behave differently than the Cisco-based ones, creating outage for the customer. What's wrong?
Cisco Nexus 7000 Proxy Routing
In my previous blog - Data Center Design Constraints, I mentioned some of the design caveats involving M and F series line cards in the same VDC or 7K chassis. In this blog, I'll talk about design considerations with classical ethernet on a 7K. For a deep dive, refer Design Considerations for Classical Ethernet Integration if the Cisco Nexus 7000 M1 and F1 Modules.
What prompted me to write this blog was a design whiteboard session with a customer to order the right line cards for the 7K switch. We know the F1 series line cards are strictly for Layer 2 functionality only. They do not perform Layer 3 routing functions, they cannot. The M series line cards perform Layer 3 routing. Consider a Nexus 7009 switch populated with F1 and M1 series line cards. Say servers A and B connect to the 7K. Server A and B belong to VLANs A and B respectively. If Server A needs to talk to Server B, the switch requires inter VLAN routing to route between VLANs A and B. Without the M series, or a separate router on a stick device, this is not possible, right?
If this were a Catalyst Continue reading
Comcast filtering SMTP (TCP 25) for IPv6, but 587 still works!
Noticed this weekend that I couldn’t respond to emails on my personal hosted domains. I thought at first first they changed my PD prefix, but it was up to date in Postfix. Tried submission port and it worked just fine. So looks like Comcast finally caught up with “feature parity” in disallowing outbound SMTP connections on TCP 25.
Balancing Complexity and Simplicity
I’ve been in tech for several years. Over time, I’ve configured things that I’m proud of and I’ve built things that I’m not so proud of. Most of the things that I’m less proud of involve unnecessary or unwarranted complexity that has created operational challenges. In some cases this was a result of a small […]
Author information
The post Balancing Complexity and Simplicity appeared first on Packet Pushers Podcast and was written by Paul Stewart.
Show 159 – Finding a Way To Test It
A welcome return to the Packet Pushers of old where we get where we get a bunch of engineers around the table to generally poke sticks into a box of networking problems and laugh at the noises. Topics What VMware do with networking at VMworld Mentoring in the Day Job – how and what you do to […]
Author information
The post Show 159 – Finding a Way To Test It appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Let Me Tell You…
In the last post in this series, I spent some time talking about the process of detecting a link failure (given down detection is always the more important issue in fast convergence); let’s continue by looking at notification. If a router discovers a down link, or a down neighbor, how does it tell all the […]
Author information
DCI with LISP for Cold Migrations
Let’s step back for a minute. So far in this series of blog posts on DCI, I’ve been focusing on extending the Layer 2 domain between data centers with the goal of supporting hot migrations — ie, moving a virtual machine between sites while it’s online and servicing users.
Is that the only objective with DCI?
Well if it was, there wouldn’t be a need for this blog post :-) Cold migrations have valid use cases too. Cold migrations occur when the virtual machine is shut down in one site and then booted in a new site. As part of that operation, typically an orchestration layer (such as VMware’s Site Recovery Manager) will poke and prod the VM to make it ready for operation in the new site. Most notably, it takes care of changing the VM’s IP address and default gateway.
Cold migrations do not have a requirement for the same IP subnet in both sites. This is because there’s no need to maintain active user sessions during the migration. Different IP subnets in the sites means no stretched Layer 2 which means no risk of combining failure domains!
What if that orchestration layer didn’t have to poke Continue reading