OpenBSD 5.1 SNMP MIBs
It's May and that means a new version of OpenBSD is out. My SNMP MIBs have been updated for 5.1 and are available for download on the OpenBSD SNMP MIBs page. THIS WILL BE ONE OF THE LAST RELEASES OF THE MIBS FOR NET-SNMP During the OpenBSD 5.1 development cycle, I committed the CARP MIB to the base OpenBSD snmpd. The kernel sensor MIB has been in the base snmpd for a few releases now.Management VLAN Best Practices in ESXi and Cisco UCS
If you’ve set up an ESXi host, you’ve likely seen this screen: This allows you to configure which VLAN is used for management. But what does this really do? Time after time I run into very smart engineers that primarily work on virtualization and not as much on the physical networking side - and they miss a few of the networking fundamentals that those of us that were brought up in ROUTE/SWITCH know and love.Management VLAN Best Practices in ESXi and Cisco UCS
If you’ve set up an ESXi host, you’ve likely seen this screen: This allows you to configure which VLAN is used for management. But what does this really do? Time after time I run into very smart engineers that primarily work on virtualization and not as much on the physical networking side - and they miss a few of the networking fundamentals that those of us that were brought up in ROUTE/SWITCH know and love.Who? What? When? Wired? Wireless? With Cisco ISE
Cisco's Identity Services Engine (ISE) is a powerful rule-based engine for enabling policy-based network access to users and devices. ISE allows policy enforcement around the Who?, What?, and When? of network access.
- Who is this user? A guest? An internal user? A member of the Finance department?
- What device is the user bringing onto the network? A corporate PC? A Mac? A mobile device?
- When are they connecting? Are they connecting to the secure network during regular business hours or at 02:00 in the morning?
These questions can all be answered easily within ISE and are all standard policy conditions that are relatively easy to implement. In the post below I'm going to focus on the How? — How is the user or device connecting to the network? Asked another way, the question is Wired? or Wireless?
Review: Remote Desktop Connection Manager
It’s been a while since I’ve done a review of anything on the site and since I’d rather continue to make use of the category than delete it, I decided to share a piece of software I recently discovered that’s helping make my life easier. Remote Desktop Connection Manager is essentially just that - it manages remote desktop connections. However, it does it in a way that I find appealing and EASIER to use than the native client or other organizational methods out there.Review: Remote Desktop Connection Manager
It’s been a while since I’ve done a review of anything on the site and since I’d rather continue to make use of the category than delete it, I decided to share a piece of software I recently discovered that’s helping make my life easier. Remote Desktop Connection Manager is essentially just that - it manages remote desktop connections. However, it does it in a way that I find appealing and EASIER to use than the native client or other organizational methods out there.Load-Sharing across ASICs
Port-channels have become an acceptable solution in data centers to both mitigate STP footprints and extend physical interface limits. One of the biggest drawbacks with port-channels is the single point of failure. Scenario 1- Failure of an ASIC on one switch, which could potentially bring the port-channel down, if all member interfaces were connected on […]
My Cisco Live 2012 program
My Cisco Live 2012 program is below. I was able to select most of the sessions although there were some overlap with one session (something ARC overlapping with another ARC). You might note that the closing keynote is by the guys who play Mythbusters on TV - that'll most likely be a fun filled event! I'll blog about my pre-event feelings if I have the time and interest ;-)Cisco Live 2012
Personal Schedule
Printed below is your personal schedule.
| Sunday | |||
|---|---|---|---|
8:00 AM
5:00 PM
| TECCOM-2001 | Cisco Unified Computing System Technical Day | |
| Monday | |||
8:00 AM
9:30 AM
| BRKNMS-2658 | Securely Managing Your Networks with SNMPv3 | |
10:00 AM
12:00 PM
| BRKSEC-3021 | Maximizing Firewall Performance | |
1:00 PM
3:00 PM
| BRKRST-2335 | IS-IS Network Design and Deployment | |
| Tuesday | |||
8:00 AM
9:30 AM
| BRKRST-2310 | Deploying OSPF in a Large-Scale Network | |
10:00 AM
11:30 AM
| GENKEY-4346 | Keynote and Welcome Address | |
12:30 PM
2:30 PM
| BRKARC-3470 | Cisco Nexus 7000 Switch Architecture | |
4:00 PM
6:00 PM
| BRKSEC-4054 | DMVPN Deployment Models | |
| Wednesday | |||
8:00 AM
9:30 AM
| BRKSEC-3013 | Advanced IPSec with FlexVPN and IKEv2 | |
10:00 AM
11:30 AM
| GENKEY-4347 | Cisco Technology Keynote | |
12:30 PM
2:30 PM
| BRKSPG-2402 | Best Practices to Deploy High-Availability in Service Provider Edge and Aggregation Architectures | |
Windows Server 2008 R2 Boot From SAN on Cisco UCS
For those that have worked with any type of blade server system, you know that boot from SAN is just about the coolest thing since sliced bread. Cisco UCS makes this even cooler by integrating with the service profile concept, allowing for stateless compute provisioning across the board. I’ve done boot from SAN many times, but never with Windows. I’ve primarily used ESXi4.1 or ESXi5.0 stored on a Fibre Channel LUN, then the VMs are stored in either a FC or NFS datastore.Windows Server 2008 R2 Boot From SAN on Cisco UCS
For those that have worked with any type of blade server system, you know that boot from SAN is just about the coolest thing since sliced bread. Cisco UCS makes this even cooler by integrating with the service profile concept, allowing for stateless compute provisioning across the board. I’ve done boot from SAN many times, but never with Windows. I’ve primarily used ESXi4.1 or ESXi5.0 stored on a Fibre Channel LUN, then the VMs are stored in either a FC or NFS datastore.A Quick and Dirty Netapp SnapMirror
Snapmirror is a Netapp feature that’s pretty commonly used to copy data from one system to another. You can copy volumes, or qtrees. It’s also very useful in Disaster Recovery plans, since volumes can be incrementally backed up to an offsite location. I have a VMWare vCenter instance running on Cisco UCS that utilizes a Fibre Channel LUN to store VM templates. It’s pretty large, since it holds templates for a variety of operating systems.A Quick and Dirty Netapp SnapMirror
Snapmirror is a Netapp feature that’s pretty commonly used to copy data from one system to another. You can copy volumes, or qtrees. It’s also very useful in Disaster Recovery plans, since volumes can be incrementally backed up to an offsite location. I have a VMWare vCenter instance running on Cisco UCS that utilizes a Fibre Channel LUN to store VM templates. It’s pretty large, since it holds templates for a variety of operating systems.Cisco UCS Firmware Upgrade Explorations
I’m currently working with a relatively large Cisco UCS installation. Initially, the system was installed and brought up to relatively recent levels of firmware, but a mismatch in the way that the firmware packages were set up in various sub-organizations on some of the UCS systems caused some of the blades to retain the old version of firmware on the M81KR adapters and the CIMC controllers. Due to the scope of the installation, I wanted to ensure that the blades were able to continue operating while I made my changes.KICLet: Cisco UCS Socket Connect Error
I recently observed some strange behavior with Cisco UCS Manager. When I visited the web page that allows me to download the .jnlp file that launches UCSM, it came up just fine. But when I clicked on “Launch UCS Manager” to actually launch this applet, the splash screen showed briefly, but disappeared after a few seconds, never to be seen again. Eventually, you might also see some java error messages that say something likeKICLet: Cisco UCS Socket Connect Error
I recently observed some strange behavior with Cisco UCS Manager. When I visited the web page that allows me to download the .jnlp file that launches UCSM, it came up just fine. But when I clicked on “Launch UCS Manager” to actually launch this applet, the splash screen showed briefly, but disappeared after a few seconds, never to be seen again. Eventually, you might also see some java error messages that say something likeCisco UCS Firmware Upgrade Explorations
I’m currently working with a relatively large Cisco UCS installation. Initially, the system was installed and brought up to relatively recent levels of firmware, but a mismatch in the way that the firmware packages were set up in various sub-organizations on some of the UCS systems caused some of the blades to retain the old version of firmware on the M81KR adapters and the CIMC controllers. Due to the scope of the installation, I wanted to ensure that the blades were able to continue operating while I made my changes.Fabric stats: OP script for Mx platform
My previous post has presented an hidden command for analysing in real time fabric statistics. I've developed a small op script, for the MX platform, that provides in one command the PFE/Fabric IN/OUT statistics for all the Fabric Planes (0 to 5) for...Fabric stats: OP script for Mx platform
My previous post has presented an hidden command for analysing in real time fabric statistics. I've developed a small op script, for the MX platform, that provides in one command the PFE/Fabric IN/OUT statistics for all the Fabric Planes (0 to 5) for...Five Functional Facts about FabricPath
FabricPath is Cisco's proprietary, TRILL-based technology for encapsulating Ethernet frames across a routed network. Its goal is to combine the best aspects of a Layer 2 network with the best aspects of a Layer 3 network.
- Layer 2 plug and play characteristics
- Layer 2 adjacency between devices
- Layer 3 routing and path selection
- Layer 3 scalability
- Layer 3 fast convergence
- Layer 3 Time To Live field to drop looping packets
- Layer 3 failure domain isolation
An article on FabricPath could go into a lot of detail and be many pages long but I'm going to concentrate on five facts that I found particularly interesting as I've learned more about FabricPath.
How does Openflow, SDN help Virtualization/Cloud (Part 2 of 3)
Using Openflow – state of the ART
In my last article I discussed the components of Openflow and building blocks of a Software Defined Network. In this part, let me discuss some of the things people are doing to make it all work. One of the pieces that needs to be discussed beforehand is the various ways in which a packet can be matched against a flow and what kind of actions can be taken.
Flow Classification and the split between Hardware and Software
A flow is a simple mechanism to identify a group of packets on the wire. So a packets coming from a particular machine can be identified by the machines MAC or IP addresses which appears as source MAC in L2 header or source IP in L3 header. By putting a flow rule around either of those fields and just counting the packets going through the switch that hit that rule, we can determine the number of packets being sent by the machine. Its useful information. To make it more useful, one could add another flow to measure the packets going to our target machine. Adding a destination MAC or destination IP rule based on the machines Continue reading