eFSU on VSS (WS-6513, Sup2T)
I performed an eFSU (enhanced Fast Software Upgrade) of a pair of Cisco WS-6513-E switches in VSS. eFSU is the closest one can get to a true ISSU (in service software upgrade) of a VSS chassis. The entire process took 25 minutes. It is slower than a conventional FSU that involves changing the boot variables on the switch to point to the new software image file and then reloading the switches. This will cause a complete outage irrespective of whether devices are single or dual attached to the VSS. With the eFSU, we lost a single ping in the complete process from a workstation that was connected to an upstream 4500 switch that was dual homed to the VSS chassis. However, for devices that were single attached, there was a considerable outage (60-180 seconds).
I'll go over the process and hopefully this post should familiarize other network engineers who want to attempt an eFSU but haven't done it before. I've capture screenshots of the upgrade process, so we can look at some of the interesting logs on the switches.
Current IOS: 15.1(1)SY
New IOS: 15.1(1)SY1
Cisco's documentation is very precise and straight forward and can be found here.
Visibility, Debugging and Network Virtualization (Part 1)
[This post was written by Martin Casado and Amar Padmanahban, with helpful input from Scott Lowe, Bruce Davie, and T. Sridhar]
This is the first in a multi-part discussion on visibility and debugging in networks that provide network virtualization, and specifically in the case where virtualization is implemented using edge overlays.
In this post, we’re primarily going to cover some background, including current challenges to visibility and debugging in virtual data centers, and how the abstractions provided by virtual networking provide a foundation for addressing them.
The macro point is that much of the difficulty in visibility and troubleshooting in today’s environments is due to the lack of consistent abstractions that both provide an aggregate view of distributed state and hide unnecessary complexity. And that network virtualization not only provides virtual abstractions that can be used to directly address many of the most pressing issues, but also provides a global view that can greatly aid in troubleshooting and debugging the physical network as well.
A Messy State of Affairs
While it’s common to blame server virtualization for complicating network visibility and troubleshooting, this isn’t entirely accurate. It is quite possible to build a static virtual datacenter and, assuming the vSwitch Continue reading
The Value of Certifications
I hope to clear the air on what a vendor certificate (or any certificate, such as a degree/diploma/etc) is, and is not. Too many times have I heard/seen people place too little or too much stock in the single piece of paper. What a certificate is A certificate, simply put, is proof that on a […]
Author information
The post The Value of Certifications appeared first on Packet Pushers Podcast and was written by Ken Matlock.
Cisco onePK: Now I Get It
I had an opportunity recently to sit in a Cisco onePK lab and it opened my eyes to exactly what Cisco is doing with onePK, why it’s going to be so important as Software Defined Networking (SDN) continues to gain traction, and why onePK is different than what anyone else is doing in the industry.
onePK is a key element within Cisco’s announced Open Network Environment SDN strategy. onePK is an easy-to-use toolkit for development, automation, rapid service creation and more. It enables you to access the valuable data inside your network via easy-to-use APIs.
Source: www.cisco.com/go/onepk
Since having my own eyes opened, I’ve been pondering how to explain my new found understanding in a way that others will grasp. In particular to business decision makers (BDMs) and technical decision makers (TDMs). I’m really, really, struggling to come up with a good analogy for BDMs. I’m still working on that one. Surprisingly, I’m also struggling to come up with a sound analogy that will work with the majority of TDMs that I know. Maybe I shouldn’t be so surprised at that since all the TDMs I deal with are on the infrastructure side of things (networks, storage, Continue reading
Show 153 – Cisco Live 2013 Roundtable Discussion with Tech Field Day
At Cisco Live US 2013, we were able to get together a nice group of folks to share their opinions on the announcements we found most interesting. You’ll know some of them from Tech Field Day, an event Greg and I have been a part of several times. This show is good conversation with smart […]
Author information
The post Show 153 – Cisco Live 2013 Roundtable Discussion with Tech Field Day appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Cisco onePK: Now I Get It
I had an opportunity recently to sit in a Cisco onePK lab and it opened my eyes to exactly what Cisco is doing with onePK, why it's going to be so important as Software Defined Networking (SDN) continues to gain traction, and why onePK is different than what anyone else is doing in the industry.
onePK is a key element within Cisco's announced Open Network Environment SDN strategy. onePK is an easy-to-use toolkit for development, automation, rapid service creation and more. It enables you to access the valuable data inside your network via easy-to-use APIs.
Source: www.cisco.com/go/onepk
Since having my own eyes opened, I've been pondering how to explain my new found understanding in a way that others will grasp. In particular to business decision makers (BDMs) and technical decision makers (TDMs). I'm really, really, struggling to come up with a good analogy for BDMs. I'm still working on that one. Surprisingly, I'm also struggling to come up with a sound analogy that will work with the majority of TDMs that I know. Maybe I shouldn't be so surprised at that since all the TDMs I deal with are on the infrastructure side of things (networks, storage, Continue reading
Your Career – Enemies Within and Without
In the mood for some self analysis and reflection around your career and your employer? Good. I’ve strong feelings about employment in general and even stronger ones around balancing it with your personal life (I wouldn’t dare say private any more) and making work work for you. I’m definitely in the work to live camp. […]
Author information
The post Your Career – Enemies Within and Without appeared first on Packet Pushers Podcast and was written by Steven Iveson.
Heatsink Upgrade
A little detour from the networking topics today to show off a little weekend tech project. I recently ran into some overheating problems with my home BYO PC. Core Temp was showing upwards of 70 degrees Celsius during normal operation, and under load, it would sometimes just shut down completely. Here’s the setup I had as of 2 days ago: The rear fan, which takes air in, was not working due to a short.Heatsink Upgrade
A little detour from the networking topics today to show off a little weekend tech project. I recently ran into some overheating problems with my home BYO PC. Core Temp was showing upwards of 70 degrees Celsius during normal operation, and under load, it would sometimes just shut down completely. Here’s the setup I had as of 2 days ago: The rear fan, which takes air in, was not working due to a short.Network Security and the N00b Meter
This morning I read an article in which the writer thought that wireless security was too inconvenient and difficult, so he simply disabled it, leaving his network wide open. He was tired of his complex password being too hard for guests to use and made the comparison that they didn’t have to use these kinds […]
Author information
The post Network Security and the N00b Meter appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Optimizing and Protecting Spanning Tree – Lab Testing
Unfortunately the equipment I was using didn’t support PVST+ (Sup2Ts in 6503 Catalyst Switches), so I skipped testing UplinkFast and BackboneFast as these are incorporated in 802.1w (RSTP) and 802.1s (MSTP, which is basically an extension of RSTP).
BPDU Guard
For this test, SwitchD will be treated as a Rogue Switch being attached to the network. Initially, SwitchC’s port 2/1 is configured as an access port with only PortFast enabled.
- 1. Disconnect link between SwitchC and SwitchD
- 2. Configure SwitchC port 2/1 as an access port in VLAN 10 with PortFast enabled.
- 3. Configure SwitchD port 2/1 as an access port in VLAN 10. Configure the priority on VLAN 10 to be 0.
- 4. Reconnect link between SwitchC and SwitchD and check topology for VLAN 10. SwitchD should be the root for VLAN 10.
- 5. Disconnect link between SwitchC and SwitchD
- 6. Enable BPDU Guard on Switch C port 2/1
- 7. Reconnect link between SwitchC and SwitchD. SwitchC port 2/1 should move to an err-disable state. Verify with sh interfaces status err-disabled. Verify SwitchD is no longer the root for VLAN 10.
*Jul 5 22:02:06.023: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port GigabitEthernet2/1 with BPDU Guard enabled. Disabling Continue reading
Masterclass – Tcpdump – Expressions
This Masterclass article series aims to provide in-depth technical information on the installation, usage and operation of the classic and supremely popular tcpdump network traffic analysis program including alternatives, running tcpdump as a process, building expressions, understanding output and more. I’ve covered the Basics and Parameters previously and here I move on to filter Expressions; […]
Author information
The post Masterclass – Tcpdump – Expressions appeared first on Packet Pushers Podcast and was written by Steven Iveson.
Ambassadors Cookbook for Enterprise now available
At the beginning of 2013 I was asked to join the Juniper Ambassador team; essentially an outreach program to those active in social channels including the J-Net community. Whilst I was appreciative of the vendor swag; it wasn’t until the community manager had the bright idea for us to collaborate on a book did it […]
Author information
The post Ambassadors Cookbook for Enterprise now available appeared first on Packet Pushers Podcast and was written by Glen Kemp.
KIClet: IOS “network” Command Cheating
I have always used the “network 0.0.0.0 0.0.0.0” statement to describe “all interfaces” when configuring a routing protocol like EIGRP. I know that it’s not correct, but I never stopped to wonder why my bad habit still worked. Then, I found this good article by @jdsilva explains this is IOS just assuming you had a “brain fart” and meant to type the proper “network 0.0.0.0 255.255.255.255” I’m studying for the CCIE and it can be really good to identify these bad habits that, while in real life may not be too bad, especially this kind, where the result is the same, but on exams can mean the difference between failure and success.KIClet: IOS “network” Command Cheating
I have always used the “network 0.0.0.0 0.0.0.0” statement to describe “all interfaces” when configuring a routing protocol like EIGRP. I know that it’s not correct, but I never stopped to wonder why my bad habit still worked. Then, I found this good article by @jdsilva explains this is IOS just assuming you had a “brain fart” and meant to type the proper “network 0.0.0.0 255.255.255.255” I’m studying for the CCIE and it can be really good to identify these bad habits that, while in real life may not be too bad, especially this kind, where the result is the same, but on exams can mean the difference between failure and success.You have a new manager – now what do you do?
We’ve all been there – a recent re-org or maybe your boss gets promoted or your boss leaves and you end up with a new manager. As I have mentored people over the years, I’d say that the most common reaction is “Crud! I have to start over.” But once you get past that moment […]
Author information
The post You have a new manager – now what do you do? appeared first on Packet Pushers Podcast and was written by Michael Bushong.
Traditional AQM is not enough!
Note: Updated October 24, 2013, to fix some editorial nits, and to clarify the intended point that it is the combination of a working mark/drop algorithm with flow scheduling that is the “killer” innovation, rather than the specifics of today’s fq_codel algorithm.
Latency (called “lag” by gamers), once incurred, cannot be undone, as best first explained by Stuart Cheshire in his rant: “It’s the latency, Stupid.” and more formally in “Latency and the Quest for Interactivity,” and noted recently by Stuart’s 12 year old daughter, who sent Stuart a link to one of the myriad “Lag Kills” tee shirts, coffee bugs, and other items popular among gamers.
Out of the mouth of babes…
Any unnecessary latency is too much latency.
Many networking engineers and researchers express the opinion that 100 milliseconds latency is “good enough”. If the Internet’s worst latency (under load) was 100ms, indeed, we’d be much better off than we are today (and would have space warp technology as well!). But the speed of light and human factors research easily demonstrate this opinion is badly flawed.
Many have understood bufferbloat to be a problem that primarily occurs when a saturating “ Continue reading
Vendor mandated certs only degrade integrity
I dont doubt that vendors have a tight line to walk when it comes maintaining their brand integrity. To build up a skill set in the market the certification teams put in many weeks developing a program that is relevant, useful and achieves the goals required. Followed by countless hours reviewing each of the certifications regularly to ensure integrity. There is the added benefit that these certifications build of community of loyal followers – The Cisco and VMWare certification programs are evidence to this.
I personally have been involved in the development, technical review, and exam rewrite process and I can attest to the effort that the certifications teams go to to ensure the validity and integrity of their offerings. Weeding out sources of brain dumps and NDA violations and other activities that threaten this integrity work becomes an on going commitment that requires many hours of dedication.
On the other side of the line is the requirement to have the partners representing the vendor to maintain a level of skills and customer satisfaction. This ensures that when the brand is represented in the market that it will be delivered by the most skilled people capable of delivering the Continue reading
The Illusion of Perfection
I spend a lot of time commuting. During that commute, I listen to technical podcasts and lots of different leadership and career oriented audio books. One of the topics that experts seem to have differing opinions on is defining what is good enough. I’ve heard many refer to Nike’s ad campaign, Just Do It, and […]
Author information
The post The Illusion of Perfection appeared first on Packet Pushers Podcast and was written by Paul Stewart.
Snowden Media Douchebaggery
Recently the New York Times posted an article stating that while Edward Snowden was at the NSA, he learned to be a hacker by taking a CEH course and getting the certification. But the certification, listed on a résumé that Mr. Snowden later prepared, would also have given him some of the skills he needed […]
Author information
The post Snowden Media Douchebaggery appeared first on Packet Pushers Podcast and was written by Mrs. Y.