Storage Traffic Magic with OpenFlow

I am in the Bay Area this week, working on some network automation stuff, and I was fortunate to be able to stop by and say hello to the Storage Field Day 6 folks over drinks.

I was told by several impressed delegates about a talk by Andy Warfield of Coho Data, where he described how they used OpenFlow to steer storage traffic intelligently to and from various nodes in a distributed storage array.

For the majority of the discussion, he talks at length about how NICs have long been able to push more data than a single CPU core is able to process, and as a result, they have to be intelligent about the distribution of packet processing onto the cores within a multicore system.

In summary, a big problem with file-based storage systems is dealing with load sharing. NFS clients have to point to an IP address where the exports are located, and if this IP address was available only on a single NIC on a storage array, this pretty severely limits your options – that port becomes a big bottleneck. I’ve seen some customers assign IP addresses to several ports on an array, and use them in rotations Continue reading

Rewarding Effort vs Results

Sometimes we confuse effort with outcome. We think that hours spent are more important than outcomes achieved. Or we unintentionally create a system where effort is rewarded, rather than outcomes.

Consider a situation where you work for a consulting firm, doing capped Time & Materials jobs. The client gets charged for the amount of time actually worked. Any amount of time up to the cap will be accepted. If more time is needed to complete a task, you’ll need to go back to the client to negotiate for more time/money. Occasionally you’ll need to do that, but usually the job will be completed under the cap.

As a consultant, you’re normally measured on your utilisation, and the amount you bill. So what’s the optimum amount of work to do for each job? Funnily enough, it is very close to the amount estimated – no matter what the estimate was. Maximise revenue & utilisation, while still doing the work under budget. There’s no incentive to do the job quicker.

Look at it from the perspective of two different consultants, Alice & Bob:

• Alice is a diligent worker, who gets through her work as quickly as possible. Repeatable tasks are scripted. She doesn’t muck around.
• Bob is a Continue reading

Network Break 19 – Fixed

Note: We had an audio problem and Network Break 19 is now fixed.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+

The post Network Break 19 – Fixed appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Technology Short Take #46

Welcome to Technology Short Take #46. That’s right, it’s time for yet another collection of links and articles from around the Internet on various data center-related technologies, products, projects, and efforts. As always, there is no rhyme or reason to my collection; this is just a glimpse into what I’ve seen over the past few weeks. I hope you are able to glean something useful.

Networking

• This post by Matt Oswalt—the first in a series, apparently—provides a great introduction to 5 development tools for network engineers. I’ve already increased my usage of Git in an effort to become more fluent with this very popular version control tool, and I was already planning on exploring Jinja2 as well (these are both mentioned in Matt’s article). This is a really useful post and I’m looking forward to future posts in this series.
• Matt also recently posted part 4 (of 5) in his series on SDN protocols; this post covers OpFlex and declarative networking.
• It was good to read this post on Cumulus Linux first impressions by Jeremy Stretch. I’m a fan of Cumulus, but I’m admittedly a Linux guy (see here) so you might say I’m a bit biased. Jeremy is Continue reading

SDN And More – Interop Roundtable Discussion

This September I was invited to come to New York for Interop New York 2014 and participate in a couple of technical sessions as part of a Tech Field Day Extra event. In addition to the presentations by HP Networking and … Continue reading →

If you liked this post, please do click through to the source at SDN And More – Interop Roundtable Discussion and give me a share/like. Thank you!

The Unofficial JNCIE-ENT Prep Guide

Some of you may have heard that Jeff Fry has published his Unofficial JNCIE-ENT Prep Guide, but how many of you have purchased it yet? I’ve had the opportunity to look it over as he was completing it, and I must say it is an impressive collection of work. He has stuffed over 500 pages into the workbook and we’re not talking about fluff. Countless hours and many months of work later, he has published it with LeanPub, and will continue to issue updates. That is one of the nice things about Leanpub, with your purchase, you have the right to receive all future updates to the content! And many publishers, at least the ones I’ve purchased from, do push out significant updates to their work. You also receive a 100% guarantee on your purchase, that means if you are not happy, you can receive a full refund within 45 days of purchase. Jeff has also published a sample which includes the full table of contents and small sample section of the content.

If you’re studying for the JNCIE-ENT use the link below and receive 25% off your purchase.

The post The Unofficial JNCIE-ENT Prep Guide appeared first on Continue reading

7-Nov-2014: Press Releases From Meru, Gigamon, Big Switch + Dell

Imtech’s SDN and NFV demo

This is a pretty cool demo of SDN (Software-Defined Networking) and NFV (Network Function Virtualization) by our SDN Consultant.  I’ve seen a lot of slideware on Contrail and NFV, but they don’t really help understanding very well.  Seeing it actually happen makes a world of difference.

Watch the demo trailer here.

FlipIT Cloud: Orchestrating IT-as-a-Service on Software Gone Wild

Imagine being an IT administrator running a multi-tenant enterprise environment (example: an SMB business center). How many things would you have to configure to add a new tenant? How about adding a new user for an existing tenant?

The engineers behind the scenes of FlipIT cloud service ended up with a 40-page configuration guide when they started the service years ago… and obviously decided full-blown automation is the only way to go.

Alteon – each server is different

Lab goal

Setup

I'll use my Loadbalancer Lab Setup.

Alteon configuration

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

/c/slb/real r8080
       ena
       ipver v4
       rip 10.136.85.1
       addport 8080
/c/slb/real r8081
       ena
       ipver v4
       rip 10.136.85.2
       addport 8081
/c/slb/real r8082
       ena
       ipver v4
       rip 10.136.85.3
       addport 8082
/c/slb/group gMulti
       ipver v4
       add r8080
       add r8081
       add r8082
/c/slb/virt 6_16
       ena
       ipver v4
       vip 10.136.6.16                   
/c/slb/virt 6_16/service 80 http
       group gMulti
       rport 0       

• Lines 1-15 : Configure the real servers

• Notice the addport command, which sets the port being used by the server.

Storage Traffic Magic with OpenFlow

Storage Traffic Magic with OpenFlow

Santa Cruz New Tech Meetup

Using Puppet to Configure F5 Network’s LTM via SOAP

You’ll like this, and you won’t; and that reflects on how I’ve felt variously about this task/burden. So, I’ve spent three weeks, almost full-time, on the work necessary to use Puppet to configure F5 Networks LTM via SOAP. Not just a few Pools and Virtual Servers; the whole box, from scratch. I knew this would be […]

Author information

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 15 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books and is a regular contributor at DevCentral.

TwitterLinkedIn

The post Using Puppet to Configure F5 Network’s LTM via SOAP appeared first on Packet Pushers Podcast and was written by Steven Iveson.

APIs Alone Aren’t Enough

Yes, we know: Your product has an API. Yawn. Sorry for not getting excited. That’s just table stakes now. What I’m interested in is the pre-written integrations and code you have that does useful things with that API.

Because sure, an API lets me integrate my various systems however I want. Theoretically. Just the same way that Bunnings probably sells me all the pieces I need to build a complete house.

If I’m running a small company staffed by developers, then just giving me an API is acceptable. But in a larger company, or one without developer resources, an API alone isn’t enough. I want to see standard, obvious integrations already available, and supported by the vendor.

In this spirit, I’m very pleased to see that ThousandEyes now has a standard integration with PagerDuty:

ThousandEyes appears as a partner integration from which you can receive notifications; and, within ThousandEyes we now have a link to easily add alerts to your PagerDuty account.

You can read more at the ThousandEyes blog.

This is exactly the sort of obvious integration I Continue reading

Chinese Routing Errors Redirect Russian Traffic

In recent weeks, Russian President Vladimir Putin announced a plan to enact measures to protect the Internet of Russia. In a speech to the Russian National Security Council he said, “we need to greatly improve the security of domestic communications networks and information resources.” Perhaps he should add Internet routing security to his list because, on a number of occasions in the past year, Russian Internet traffic (including domestic traffic) was re-routed out of the country due to routing errors by China Telecom. When international partners carry a country’s domestic traffic out of the country, only to ultimately return it, there are inevitable  security and performance implications.

Last year, Russian mobile provider Vimpelcom and China Telecom signed a network sharing agreement and established a BGP peering relationship. However, as can often happen with these relationships, one party can leak the routes received from the other and effectively insert itself into the path of the other party’s Internet communications. This happened over a dozen times in the past year between these two providers. This is a general phenomenon that occurs with some regularity but isn’t often discussed in BGP security literature. In this blog post, we’ll explore the issue Continue reading

Improving performance and security with a visibility plane in virtual network infrastructures

Node and Link Protection

Node and link protection is a mechanism for protecting LSPs from (you guessed it) the failure of nodes and links.   It differs from fast re-route in that you have to specify node and link protection on the interfaces of all the downstream routers as well as on the LSP at its source.

My network looks like this at the moment, with an LSP running from R5 to R1 using the shortest path determined by the IGP:

Path of LSP R5-to-R1

So on R5, I configure node-link-protection on the LSP:

root@R5> show configuration protocols mpls
no-propagate-ttl;
label-switched-path R5-to-R1 {
    to 10.0.6.1;
    node-link-protection;
}
interface ge-0/0/0.0;
interface ge-0/0/1.0;

This has the effect of signalling to the downstream routers that link and node protection is desired, as you can see here:

root@R5> show mpls lsp name R5-to-R1 detail
Ingress LSP: 6 sessions

10.0.6.1
  From: 10.0.3.5, State: Up, ActiveRoute: 0, LSPname: R5-to-R1
  ActivePath:  (primary)
  Node/Link protection desired                        <===== Node Link Protection 
  LSPtype: Static Configured, Penultimate hop popping
  LoadBalance: Random
  Encoding type: Packet, Switching type: Packet, GPID: IPv4
 *Primary                    State: Up
    Priorities: 7 0
 Continue reading

Monitoring OTV – Overlay Transport Virtualization

The Quanta LB4M – Cheap White Box Switching?

“Hey,” said my friend, “are you interested in buying an Ethernet switch? 48 1Gbps copper ports and two 10Gbps fiber uplinks. Very cheap. Layer 2 only, though.” A few minutes later, we were doing business out of the trunk of … Continue reading →

If you liked this post, please do click through to the source at The Quanta LB4M – Cheap White Box Switching? and give me a share/like. Thank you!