Archive

Category Archives for "Networking"

My first received spam delivered over IPv6!

Not certain how much this actually counts as “Spam over IPv6” though. It was only the last bit of delivery to my account where IPv6 was involved. It still originated from IPv4.

 
Received from relay-6.dlfw.twtelecom.net ([2001:4870:6082:1::72]) by he.net for ; Tue, 13 Nov 2012 11:57:38 -0800

Received from localhost (unknown [127.0.0.1]) by relay-6.dlfw.twtelecom.net (Postfix) with ESMTP id 223346021E; Tue, 13 Nov 2012 12:47:42 -0700 (MST)

Received from relay-6.dlfw.twtelecom.net ([127.0.0.1]) by localhost (relay-6.dlfw.twtelecom.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TMxIEAmBj2TU; Tue, 13 Nov 2012 12:47:42 -0700 (MST)

Received from aol.com (unknown [209.234.184.51]) by relay-6.dlfw.twtelecom.net (Postfix) with SMTP id D73BD60094; Tue, 13 Nov 2012 12:47:32 -0700 (MST)

[Quality of Service] Part 2 – Bringing it Together: Cisco Nexus, Cisco UCS, and VMware

When you’re talking about something like MTU or QoS, it’s important to think about technology implementations in an end-to-end fashion by analyzing every possible path network traffic can take - always planning for the big picture and never simply a single connection between devices. For instance, poor planning can result in confusing QoS configurations that don’t match from device to device. Depending on the platform, this can result in mismatched MTU configurations, which at worst breaks your network and at best causes elusive performance problems that can be incredibly difficult to troubleshoot.

[Quality of Service] Part 1- Types of QoS Policies

There’s a lot of information out there about QoS and it’s an area where I’m only now starting to feel comfortable. I’ve been fortunate enough to have a decent amount of experience configuring datacenter equipment, especially in the context of a Flexpod, so I’ve been forced to know how all of these technologies play together with respect to QoS, which is very important when running sensitive applications like voice on such an infrastructure.

The Formation of “Brocatta” – Brocade Acquires Vyatta

Yes, I invented the word “Brocatta”, and I am not ashamed. The announcement was made today that Vyatta, a company that I’ve long used for their software routers and firewalls, has been acquired by Brocade. The move was not a surprise to me, as Brocade has yet to define a proper SDN strategy to compete with the announcement of Cisco’s Open Network Environment and onePK. Positioning Vyatta as Brocade’s “Software Networking” business unit is a good move because now Vyatta can operate more like an R&D department with better funding than I’m sure they’ve enjoyed thus far.

Unidirectional communication filter between two VLANs

How does the internet work - We know what is networking

Block Traffic among two VLAN’s but only in one way, how to do that? VLAN and VLAN configurations are very useful in all kinds of different ways. This configuration will be useful sooner or later for all network administrators out there. It was a big challenge to resolve this tricky communication security requirement. The problem actually does not […]

The evolution of E-911

NG911 and the evolution of ESInet

 

If you live within North America and have ever been in a road accident or had a house fire then you are one of the fortunate ones who had the convenience and assurance of 911 services. I am old enough to remember how these types of things were handled prior to 911. Phones (dial phones!) had dozens of stickers for Police, Fire and Ambulance. If there were no stickers then one had to resort to a local phone book that hopefully had an emergency services section. To think of how many lives have been saved by this simple three-digit number is simply boggling. Yet to a large degree we all now take this service for granted and assume it will just work as it always has regardless of the calling point. We also seem to implicitly assume that all of the next generation capabilities and intelligence that is available today can just automatically be utilized within its framework. This article is intended to provide a brief history of 911 services and how they have evolved up to the current era of E911. It will also talk about the upcoming challenges

Route Distinguisher vs Route Target – MPLS Tutorial Part 1

Route Distinguisher vs Route Target – aren’t they the same thing? No! In this post I am going to clarify the difference between route distinguisher and route target within the Cisco world of MPLS VPN’s. The main problem comes from the fact that in most Cisco Press books they always show the route distinguisher value and […]

The post Route Distinguisher vs Route Target – MPLS Tutorial Part 1 appeared first on Roger Perkin.

Adding an image to DevStack

I had some time to play with OpenStack this week so I rolled a DevStack install on an Ubuntu VM running in Parallels on my MacBook Air following the instructions here. Once OpenStack was up and running I was able to log in to Horizon at http://localhost/ and started to poke about. I decided I wanted to try and create a compute instance just to see what all the fuss was about … as it turns out, you need to have an image to base this instance on.

With a little bit of help from the OpenStack documentation and a little bit of trial and error I was able to quickly upload an image as follows:

First things first. Create a directory for your images:

mkdir /tmp/images
cd /tmp/images

Then grab the latest CirrOS image with wget:

wget -c https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img

We can then upload to glance:

glance --os-username=admin --os-password=password --os-tenant-name=demo \
--os-auth-url=http://localhost:5000/v2.0 image-create --name \
cirros-0.3.0-x86_64 --disk-format qcow2 --container-format bare \
< /tmp/images/cirros-0.3.0-x86_64-disk.img

+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | 50bdc35edb03a38d91b1b071afb20a3c     |
| container_format | bare                                 |

About Me

I'm Dave Tucker. I've worn many hats in the past (including a Red Fedora). From Consultant to Engineer, from Technical Marketing to Product Management but there is always one thing that remains constant. My love of making things that delight people.

I've helped to build a number of successful open source software products (for details see my Github profile). I co-founded and built SocketPlane which was acquired by Docker in March 2015. I'm currently helping to build Docker for Desktop (macOS and Windows).

My passion continues outside of work where I enjoy experimenting with single-board computers (Arduino, Raspberry Pi, Beaglebone, Cubieboard et al.) and 3D Printing. When I'm not tinkering, I can be found spending time with my family, cooking or practicing Tai Chi.

If I'm not making, I like to be talking about making. To that end, I've spoken at conferences and events across the world about technical topics like Networking and Docker containers. I'm a big fan of mentoring others and I enjoy volunteering at my local library.

I've recently taken the plunge and entered back in to education to pursue a degree in Astronomy and Planetary Science and one day I would love for something that I

Detecting Layer2 Loops

We are all too familiar with the devastating impact a talented layer 2 loop could have on a data center lacking sufficient controls and processes being in place. If you are using Cisco Nexus switches in your data center, you would be happy to know that NX-OS offers an interesting new tool you should add to […]

Sorry state of JunOS control plane protection

I've been looking into how to protect MX80 11.4R5 from various accidental and intentional attempts to congest control plane and I'm drawing pretty much blank.

Main discoveries so far.

  1. ISIS always leaked to control plane, even when no 'family iso' or 'protocol isis' on interface
  2. PVST always leaked to control plane. Even when just 'family inet' configured to interface
  3. LLDP protocol not matched by ddos-protection feature
  4. Essentially impossible to protect against attack from eBGP
  5. ddos-protection feature mis-dimensioned

ISIS

This is pretty bad for anyone running ISIS, as you cannot use ddos-protection to limit ISIS, as it won't distinguish between bad and good ISIS. If you don't use ISIS, just set ddos-protection limit low and you're good to go.

ISIS is punted with different code than IP packets, but resolving the punt path it goes to the same path. This path is still seeing full wire rate, i.e. there isn't magic 10kpps limit before it

HCFPC2(le_ruuter vty)# show jnh 0 exceptions
control pkt punt via nh PUNT(34) 9134818 1065269880
HCFPC2(le_ruuter vty)# show jnh 0 exceptions nh 34 punt
Nexthop Chain: CallNH:desc_ptr:0xc02bbc, mode=0, rst_stk=0x0, count=0x3
0xc02bb8 0 : 0x127fffffe00003f0
0xc02bb9 1 : 0x2ffffffe07924a00
0xc02bba 2 : 0xda00601499000a04
0xc02bbb 3 :