Show 185 – Vendor Product Management
How do vendors decide to make network products ? What is the process and thinking behind what happens inside the wall of the vendor ? Today, Greg is join by Omar Sultan from Cisco to talk broadly about how vendors make big decisions
Author information
The post Show 185 – Vendor Product Management appeared first on Packet Pushers Podcast and was written by Greg Ferro.
FCoE, 10GBaseT and BER – problem managed
Some time ago I wrote that FCoE would have problems on 10GBaseT due to relatively high error rates of 10GBaseT deployment. New information suggests that this problem is solved under certain circumstances.
The post FCoE, 10GBaseT and BER – problem managed appeared first on EtherealMind.
Custom DHCP server configuration on Opengear
For the last few years I've run my home DHCP service on a virtual private server at AWS.This was not a great idea. It's a pain to resolve issues with my Internet service when those issues cause my laptop to stop getting an IP address assigned because the path between my house and the DHCP server has been interrupted.
The service is at Amazon because I wanted to purge "server" like things from the house, but its clear that I needed to bring DHCPd back home. I started investigating moving the service to one of my Opengear ACM5000 units, which is always running anyway because it keeps tabs on my generator and home security system, sends me text messages about interesting events and whatnot.
The Opengear web UI doesn't offer too many DHCP service configuration options, but I didn't expect that to be a problem. One of the things I love about Opengear is that most anywhere you look, the baked-in scripts and configuration elements can be replaced with user-supplied versions of those things.
I'd expected to find something like include /etc/config/dhcpd-user.conf in the automagically-generated DHCPd configuration, but it wasn't there.
Healthy Paranoia Show 23: Phone Phreaking, Hacking and Fraud, Oh My!
That’s right listeners, you’re not in Kansas anymore! It’s time to follow that Yellow Brick Road to another episode of Healthy Paranoia. Today, we’ll be discussing phone phreaking, hacking and fraud, oh my! So we’re off to see Wizard, the Wonderful Wizard of VoIP security, Patrick McNeil. Joining me over the rainbow for this trip […]
Author information
The post Healthy Paranoia Show 23: Phone Phreaking, Hacking and Fraud, Oh My! appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Turkish Internet Censorship Takes a New Turn
Internet censorship in Turkey took a new and ominous turn yesterday. In order to better seal off access to social media sites like YouTube and Twitter, the incumbent TurkTelecom began hijacking the IP address space of public DNS resolvers like those of Google. This allows TurkTelecom servers to masquerade as Google DNS servers, returning whatever answers they want. Under normal circumstances, such queries would have been destined for servers outside the country, which is how Turkish users were circumventing the ban on YouTube imposed earlier this week. However, now local users of these global DNS services are surreptitiously redirected to alternate providers within TurkTelekom. You can see this route redirection for yourself, here and here.
Recap
Turkey’s 25th and current Prime Minister, Recep Tayyip Erdoğan, has publicly and repeatedly expressed his dislike of social media, instructing various sites to be blocked. The current attempt to curtail this important medium began on March 21st via DNS poisoning of Twitter by Turkish ISPs, probably trying to implement the government-mandated ban in a minimally invasive way.
Twitter blocked in Turkey via local DNS poisoning, global DNS providers not impacted: http://t.co/qFEBPXAho8 pic.twitter.com/JDL8SNv62G
— Renesys Corporation (@renesys) March 21, 2014
But Continue reading
Turkey Hijacking IP addresses for popular Global DNS providers
At BGPmon we see numerous BGP hijacks every single day, some are interesting because of the size and scale of the hijack or as we’ve seen today because of the targeted hijacked prefixes.
It all started last weekend when the Turkish president ordered the censorship of twitter.com. This started with a block of twitter by returning false twitter IP addresses by Turk Telekom DNS servers. Soon users in Turkey discovered that changing DNS providers to Google DNS or OpenDNS was a good method of bypassing the censorship.
But as of around 9am UTC today (Saturday March 29) this changed when Turk Telekom started to hijack the IP address for popular free and open DNS providers such as Google’s 8.8.8.8, OpenDNS’ 208.67.222.222 and Level3’s 4.2.2.2.
BGP hijack
Using the Turk Telekom looking glass we can see that AS9121 (Turk Telekom) has specific /32 routes for these IP addresses. Since this is the most specific route possible for an IPv4 address, this route will always be selected and the result is that traffic for this IP address is sent to this new bogus route.
Turk Telekom route server displaying the Continue reading
Network Test Automation with Ansible
In the last post, I talked about how Ansible could be used for various forms of network automation. In the comments, Michael asked if Ansible could also be used for network test automation and verification. Since I’m just starting to explore Ansible, I figured why not try it out. The short answer is, it’s possible. Let’s take a look at an example proving this out.
I just built a playbook that verifies a router, or group of routers, has reachability to a defined list of destinations. Maybe you are deploying a new site? Maybe a new host? Is the route being sent correctly to all sites? Now, a playbook like this can be used to ensure every site (from the router) has reachability to the new site, subnet, or host. You define the destination. Cool, right?
Update: Before reading anymore, it's recommended to read the first post on Ansible for Networking.
Let’s do a quick walk through.
Here is the playbook.
Update: Before reading anymore, it's recommended to read the first post on Ansible for Networking.
Let’s do a quick walk through.
Here is the playbook.
As you can see, there is not a lot to it. This playbook that we are looking at, called ‘pinger’, is using a module called ‘auto_pinger’. Continue reading
Over Layer Versus Under Layer
Do you feel like you are in data center acronym soup these days? I sure feel it, and I think sometimes tech-speak can help mask the real driver for change. In the data center, we are striving for a new model. The idea of real time resource allocation and reallocation, the ideal organism that responds perfectly to every request and oh, did I mention resiliency in the whole stack for instant recovery from any fault. Wow, that would be great! I think we have a ways to go. For now, the latest craze is to add the word virtualization to each topic.
Why is that? I think it is because virtualization has helped us learn that you can decouple the hardware and software and create layers of abstraction that lead to better systems. And here “better” could be lower power / cooling and space utilization, or it could the idea that a virtual machine (VM) can be your 18 wheeler, or container ship, and move the application
or data anywhere you want, to help in that resource allocation / re allocation or resiliency story I mentioned above.
Now if we look on the network side, Continue reading
When Good NICs Do Bad Things: A Blast of IPv6 Multicast Listener Discovery Queries
This is the write-up of a recent event we experienced on our network. This will be combination of a journal of symptoms, troubleshooting steps taken, and a brief overview of the environment and platforms involved. This isn’t a forensic analysis of the cause or of different behaviors in various environments. Rather, it’s meant to be […]
Author information
Internets of Interest for 28th March 2014
Collection of useful, relevant or just fun places on the Internets for 28th March 2014 and a bit commentary about what I’ve found interesting about them: Brocade – Brocade Extends Ethernet Fabric Leadership – Brocade hasn’t given up on the Campus. This announcement from February talks about their switch platform, most interesting is that […]
The post Internets of Interest for 28th March 2014 appeared first on EtherealMind.
Cisco Internal VLAN Usage
About a month ago I worked on an old CatOS switch. Working on this switch reminded me about some of the differences between CatOS and IOS. One of the big differences is how a Layer 3 routed interface is configured between the two OS versions. On a Catalyst running IOS, it is almost identical as […]
Author information
The post Cisco Internal VLAN Usage appeared first on Packet Pushers Podcast and was written by Charles Galler.
Does Network Lifecycle Management Make Sense?
Recently, we met with a friend who has done an amazing job of understanding the lifecycle management of virtual machines (VMs). As the CTO of a very large cloud provider, he explained in deep detail how he took advantage of Moore’s Law and doubled the amount of VMs in each rack each year, while maintaining or shrinking the cost per rack. As a result, he has doubled the amount of earning potential in each data center while driving cost down, even as his staff is ripping out servers long before their traditional three- to four-year lifecycle and purchasing new ones. He is buying servers at a 3-to-1 ratio over a three-year period when compared with a typical server lifecycle, yet his cost to operate the data center is going down and his productivity is going up by 2x every year. Amazing!
While we enjoyed learning of his success, when we hear these stories, we think “Could this have the same type of impact somewhere in the network?” It got us to ask why customers traditionally hang on to their top-of-rack switches for four or five years and sometimes longer.
What is different about the network versus servers?
Obviously, Continue reading
SAN Automation with Python and Jinja
One of my least favorite things to do in my day job is create or maintain a zoning configuration on a fibre channel switch, such as a Cisco Nexus or MDS. It’s tedious, very error prone, and annoying when changes need to be made. I wrote earlier in the week on the value of using a templating language like Jinja to define the structure of a switch configuration, but dynamic enough to accept all kinds of input from some higher-level intelligence elsewhere.SAN Automation with Python and Jinja
One of my least favorite things to do in my day job is create or maintain a zoning configuration on a fibre channel switch, such as a Cisco Nexus or MDS. It’s tedious, very error prone, and annoying when changes need to be made. I wrote earlier in the week on the value of using a templating language like Jinja to define the structure of a switch configuration, but dynamic enough to accept all kinds of input from some higher-level intelligence elsewhere.How to become a network engineer
Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
If you have arrived on this page then I would assume you know what a network engineer is and would like to find out how to become a network engineer? If you are not sure what a network engineer is or does then the picture below explains it very well Picture courtesy of http://perceptionvsfact.com/ A […]
Post taken from CCIE Blog
Original post How to become a network engineer
Troubleshooting with Wireshark [Riverbed lab kit]
A while ago I attended a Wireshark webinar from Riverbed in which they presented the tool, some beginner and intermediate users troubleshooting scenarios and some lab kit. Now I got an e-mail that they made it available for download at http://www.riverbed.com/wireshark-virtual-tour Part of this Lab Kit were available in the Virtual World Tour 2014 webinar […]Three reasons why Networking is a pain in the IaaS, and how to fix it
In this post I share the slides, audio recording, and short outline of a presentation I gave at the Melbourne VMUG conference (Feb 2014) called “Three reasons why Networking is a pain in the IaaS, and how to fix it”. As network technologists we know that when the compute architecture changes, the network architecture changes […]Three reasons why Networking is a pain in the IaaS, and how to fix it
In this post I share the slides, audio recording, and short outline of a presentation I gave at the Melbourne VMUG conference (Feb 2014) called “Three reasons why Networking is a pain in the IaaS, and how to fix it”.
As network technologists we know that when the compute architecture changes, the network architecture changes with it. Consider the precedent. The transition from mainframe to rack servers brought about Ethernet and top-of-rack switches. Blade servers introduced the blade switch and a cable-less network. And of course the virtual server necessitating the software virtual switch and a hardware-less network. At each iteration, we observe the architecture change occurring at the edge, directly adjacent to compute.
We can look at this superficially and say, “yes, the network architecture changed”. However if you think about it, the catalyzing change in each shift was the operational model, with intent to increase agility and reduce costs. The architecture change was consequential. Without compute, there is no reason for a network. Networking, both as a profession and technology, exists as a necessary service layer for computing. Without a network, computing is practically useless. As such, the capabilities of the network will either enable or impede Continue reading
Three reasons why Networking is a pain in the IaaS, and how to fix it
In this post I share the slides, audio recording, and short outline of a presentation I gave at the Melbourne VMUG conference (Feb 2014) called “Three reasons why Networking is a pain in the IaaS, and how to fix it”.
As network technologists we know that when the compute architecture changes, the network architecture changes with it. Consider the precedent. The transition from mainframe to rack servers brought about Ethernet and top-of-rack switches. Blade servers introduced the blade switch and a cable-less network. And of course the virtual server necessitating the software virtual switch and a hardware-less network. At each iteration, we observe the architecture change occurring at the edge, directly adjacent to compute.
We can look at this superficially and say, “yes, the network architecture changed”. However if you think about it, the catalyzing change in each shift was the operational model, with intent to increase agility and reduce costs. The architecture change was consequential. Without compute, there is no reason for a network. Networking, both as a profession and technology, exists as a necessary service layer for computing. Without a network, computing is practically useless. As such, the capabilities of the network will either enable or impede Continue reading
Three reasons why Networking is a pain in the IaaS, and how to fix it
In this post I share the slides, audio recording, and short outline of a presentation I gave at the Melbourne VMUG conference (Feb 2014) called “Three reasons why Networking is a pain in the IaaS, and how to fix it”.
As network technologists we know that when the compute architecture changes, the network architecture changes with it. Consider the precedent. The transition from mainframe to rack servers brought about Ethernet and top-of-rack switches. Blade servers introduced the blade switch and a cable-less network. And of course the virtual server necessitating the software virtual switch and a hardware-less network. At each iteration, we observe the architecture change occurring at the edge, directly adjacent to compute.
We can look at this superficially and say, “yes, the network architecture changed”. However if you think about it, the catalyzing change in each shift was the operational model, with intent to increase agility and reduce costs. The architecture change was consequential. Without compute, there is no reason for a network. Networking, both as a profession and technology, exists as a necessary service layer for computing. Without a network, computing is practically useless. As such, the capabilities of the network will either enable or impede Continue reading