It’s the Applications, Stupid (Part 2 of 3)!
In part 1 of this series, I mentioned a customer that was starting to understand how to build application policy into their deployment processes and in turn was building new infrastructure that could understand those policies. That’s a lot of usage of the word “policy” so it’s probably a good idea to go into a bit more detail on what that means.
In this context, policy refers to how specific IT resources are used in accordance with a business’s rules or practices. A much more detailed discussion of policy in the data center is covered in this most excellent networkheresy blog post (with great additional discussions here and here). But suffice it to say that getting to full self-service IT nirvana requires that we codify business-centric policy and encapsulate the applications with that policy.
The goals of the previously mentioned customer were pretty simple, actually. They wanted to provide self-service compute, storage, networking, and a choice of application software stacks to their vast army of developers. They wanted this self-service capability to extend beyond development and test workloads to full production workloads, including fully automated deployment. They wanted to provide costs back to the business that were on par Continue reading
Connecting Virtual Routers to the Outside World
Stefan de Kooter (@sdktr) sent me a follow-up question to my Going All Virtual with Virtual WAN Edge Routers blog post:
How would one interface with external Internet in this scenario? I totally get the virtual network assets mantra, but even a virtual BGP router would need to get a physical interconnect one way or another.
As always, there are plenty of solutions depending on your security needs.
Read more ...GET VPN, it is all about group.
GET VPN uses a group security paradigm comparing to the traditional point-to-point security paradigm like DMVPN, GRE IPSec or SSL. Do not confuse with any-to-any mesh which is the result of n(n-1)/2 point-to-point security associations between n peers. We are talking about group security association (SA), group states and group keys. Because each group member […]
White Box Switching: Goodbye Trident II, Hello Cavium XPliant
Original Design Manufacturers (ODMs) that produce incumbent profit busting white box switching technology could soon be releasing the next wave of programmable networking based on technology from a silicon company best known for it’s encryption products. Cavium have released the XPliant chipset which it acquired from a $90m purchase earlier this year. This chipset comes in four flavours varying from 880 Gbps to 3.2 Tbps. This results in devices having 128×25 Gbps switching lanes allowing switches with 32x100GbE, 64x 50/40GbE, or 128x 25/10GbE ports in a single device. The highest speed Cavium device is currently twice the speed of the next highest merchant silicon offering, however merchant vendors will catch up with the speed aspect before too long. The important part here to remember is this chipset is programmable and is touted to be released with support for Generic Network Virtualisation Encapsulation (GENEVE) out of the box, along with a “simulator” for product designers to test their code against. All designed to increase the speed to market and decrease delay.
Let’s take an ODM switch from the likes of Accton that is currently based on the venerable Trident II chipset. Current merchant silicon chipsets limit the features to those Continue reading
IPv6 Networking Detection Case #141 – Part 2: The Solution
Part 2: The Solution Ready for part 2? Have you read part 1 w/ the facts and clues? If not, go read that now before you continue. Part 1: The Facts and Clues Review the Facts and Clues Again Last we played we were ON R1 and unable to ping the IPv6 address […]
Author information
The post IPv6 Networking Detection Case #141 – Part 2: The Solution appeared first on Packet Pushers Podcast and was written by Denise "Fish" Fishburne.
SDN control of hybrid packet / optical leaf and spine network
The short video above shows how the Calient optical circuit switch (OCS) uses two grids of micro-mirrors to create optical paths. The optical switching technology has a number of interesting properties:
- Pure optical cut-through, the speed of the link is limited only by the top of rack transceiver speeds (i.e. scales to 100G, 400G and beyond without having to upgrade the OCS)
- Ultra low latency - less than 50ns
- Lower cost than an equivalent packet switch
- Ultra low power (50W vs. 6KW for comparable packet switch)
The diagram shows the hybrid network that was demonstrated. The top of rack switches are bare metal switches running Cumulus Linux. The spine layer consists of a Cumulus Linux bare metal switch and a Calient Technologies optical circuit switch. The bare metal Continue reading
Internets of Interest – 22 September 2014
Collection of useful, relevant or just fun places on the Internets for 22 September 2014 and a bit commentary about what I've found interesting about them:
The post Internets of Interest – 22 September 2014 appeared first on EtherealMind.
Private VLANs when, where, & how.
Recently PVLANs came into a design discussion, which in turn led into me reminiscing on my Route/Switch days. So naturally when I wanted to re-visit the topic if anything to make sure I still remembered everything what was important and to see if any features have been added with the new IOS’s. It’s been a […]
Apple Working Hard to Improve Siri?
That’s right, in the face of strong competition from “Google Now” (home of “Ok Google”) and Microsoft’s Cortana, Apple’s software developers are working hard to add features and improve Siri’s capabilities and responses. After all, with Microsoft running commercials recently where Cortana … Continue reading
If you liked this post, please do click through to the source at Apple Working Hard to Improve Siri? and give me a share/like. Thank you!
[SDN Protocols] Part 4 – OpFlex and Declarative Networking
In this post, we will be discussing a relatively new protocol to the SDN scene – OpFlex. This protocol was largely championed by Cisco, but there are a few other vendors that have announced planned support for this protocol. I write this post because – like OVSDB – there tends to be a lot of confusion and false information about this protocol, so my goal in this post is to provide some illustrations that (hopefully) set the record straight, with respect to both OpFlex’s operation, and it’s intended role.
Before I get started, I would be remiss to not point you towards a brilliant article by Kyle Mestery titled “OpFlex is not an OpenFlow Killer“. At the time the article was written, Kyle was working for Noiro, a team within the INSBU at Cisco focused (at least primarily) on open source efforts in SDN, and the creators of OpFlex.
The Declarative Model of Network Programmability
Before we get into the weeds of the OpFlex protocol, it’s important to understand the model that OpFlex intends to address. OpFlex is the protocol du jour within a Cisco ACI based Continue reading
Jim — I’m an Engineer, not a…
Doctor McCoy, on the original Star Trek series had a signature line — he was forever complaining about this or that with the exclamation that he was just a doctor, and not a… Well, whatever, from shuttle driver to politician.
And how many times, in my career, have I wanted to stop in the middle of some meeting and scream, “Jim — I’m an engineer, not a politician!”
After all, there’s some sense in which engineers become engineers because we’re focused on the problem at hand, we’re focused on the technical issue, not the people issue. I once saw a cartoon that expressed the feeling in the technical community almost perfectly — an engineer talking to her manager, who has apparently just been told she needs to work on her “people skills.” Her answer? “I only went into computers in the first place because I don’t like people.”
Exactly.
And there used to be a time when engineers could get away with this. There was once a time when IT was in the basement (we used to joke about putting on the asbestos suites when going down to the basement to get to our desks in one Continue reading
SDN Deployment Considerations
Are you lucky enough to be one of the 87% of North American enterprises that plan to have SDN in production by 2016 or one of the 53% of the companies that plan to have SDN deployed in the near future? Even though we all know how inflated these claims are, you might have to start considering the deployment aspects of a solution a $vendor will persuade your CIO to buy.
Read more ...New VMworld 2014 Hands-on Labs with VMware NSX Goodness
In 2013 we introduced VMware NSX Hands-on-Labs for the first time. The NSX 1303 Hands-on-lab has been by far one of the most popular labs, giving you an in-depth view of VMware NSX. Hands-on-labs are one of the best ways to get a good tour of the product. You can take all of these labs online at http://labs.hol.vmware.com/HOL/catalogs/ . It requires a registration, but is open to everyone. .
This year at VMworld we introduced several new NSX labs to give you a deeper look at NSX, and to showcase the depth of integration NSX provides with 3rd party partners and other VMware products. All of the new 2014 Hands-on-labs have been published and are available to you. Here is a quick tour of the labs and what you can expect to see.
If you are just getting started with NSX and want to know what Network Virtualization is all about, we recommend you start here.
This lab will walk you through five modules of exercises:
- NSX Components – Host Preparation, Controller deployment
- NSX Logical Switching – building VXLAN logical switches
- NSX Logical Routing - Distributed Routing, Dynamic Routing with OSPF
- NSX Distributed Firewall – Micro-segmentation with Continue reading
It’s the Applications, Stupid (Part 1 of 3)!
I remember when we first started talking to customers about the concepts of applications driving networks, about 3 years ago (This was a very different conversation from other networking era’s where we talked about ‘intelligent’ networks that could better understand and adapt to applications.) While most customers loved the concepts of a scale-out network that leveraged dynamic photonic connections instead of hard-wired paths, most of them also told us that they “didn’t really know (or want to know)” about the applications at all. Some even said they didn’t want their networks to understand the applications at all!
Hmm.. this was very strange. After all, we were talking to Data Center networking folks, and wasn’t the purpose of the data center network to provide connectivity solutions for applications? How could the folks in charge of these networks not know (and worse, not want to know!) about the whole purpose of their network in the first place?
But of course, it wasn’t really strange. After all, networking, like many IT disciplines, had developed into a nice neat silo that defined nice neat operational boundaries that allowed folks within those boundaries to say “I don’t know, and I don’t want Continue reading
Cisco ACI: Allowing the smarts to scale
As horizontal scalability demands increase for policy based fabrics such as Cisco’s ACI and performance demands push the development of high speed Ethernet standards like 25G, 50G, 100G and beyond in to 400G, how that data is pushed and pulled on the fabric begins to become a problem. In the words of Scotty, devices of today “canne take any more” due to issues with physics, traditional approaches to ASIC interfaces and currently used materials.
A company that was born to attack this problem from a different direction has recently been acquired by Cisco. Memoir, the said acquired startup, has been inserted in to the Insieme business unit within Cisco which says much about the strategy of the policy capable hardware and the company faith in the direction of the ACI strategy. So why Memoir? They offer a solution for multiple areas of memory to be addressed concurrently, making the operation more akin to a parallel one instead of a fast serial operation. They call this: Algorithmic Memory™ and it can increase memory options ten fold!
Cisco in keeping with their origins will always try and hold the hardware networking space. As commodity devices start threatening profits in bread and butter networking, Continue reading
Formal Announcement: Software Gone Wild Podcast
If you’ve been reading my blog in the last few months, you might have noticed that I started a new podcast focused on software-defined everything (hence the name: Software Gone Wild – thanks to Jason Edelman).
The latest episodes are always available on this page; you can also subscribe to the podcast feed in RSS, Atom or iTunes format… and if you wonder why we need yet-another podcast, read the About Software Gone Wild document.
Where Is Cisco UCS Headed?
If you happen to read my writing(as infrequent as it is these days), you know that I am a networking focused person. I live my day to day within the walls of routing, switching, wireless, and other “network centric” platforms and technologies. The days of Unix, Windows, and other generalist type administration duties are gone for me. However, like many IT professionals, I have a strong desire to understand all of the different areas in order to enhance my capabilities within the networking space. If you wish to implement IT in any particular silo, it helps to understand all the different pieces. With that in mind, I happily accepted my invite to the Cisco UCS Grand Slam event in New York City a few weeks ago. My involvement with Cisco UCS usually stops at the fabric interconnect point, and occasionally down into the virtual networking piece as well.
I mention that to state that while I understand the moving parts within storage, compute, and virtualization, I DON’T understand it at the level of people who live in those worlds full time. In light of that, I have to point out that I may be completely wrong in my predictions or Continue reading