Using the latest Open vSwitch with Devstack and OpenDaylight
While setting up my OpenDaylight OVSDB and Devstack following the awesome instructions from Kyle Mestery, I thought it would be fun to run the latest OVS from source on my compute nodes...
To do this, execute the following commands on one of your compute nodes
before running stack.sh
sudo apt-get -y --force-yes install build-essential devscripts
gcc dkms make automake autoconf debhelper libssl-dev
pkg-config python-all python-qt4 python-zopeinterface
python-twisted-conch gdebi-core dh-autoreconf hardening-wrapper
libtool graphviz ipsec-tools module-assistant python-twisted-web
racoon git
git clone git://git.openvswitch.org/openvswitch
cd openvswitch
./boot.sh
dpkg-buildpackage -b -us -uc -nc
cd ..
Once you’ve built the .deb’s you can copy these to your other compute
nodes using scp:
scp *.deb ubuntu@devstack-compute2:
Replace ubuntu with your username and devstack-compute2 with the
name or IP address of your other compute nodes.
Finally we can install the packages as follows:
sudo dpkg -i *.deb
At the time of writing this will build Open vSwitch 2.1.90. You can check the version as follows:
sudo ovs-vsctl --version
Which will give the following output
ovs-vsctl (Open vSwitch) 2.1.90
Compiled Jan 16 2014 15:18:45
Huge thanks to @FlorianOtel for his help with Devstack!
@dave_tucker
Using the latest Open vSwitch with Devstack and OpenDaylight
While setting up my OpenDaylight OVSDB and Devstack following the awesome instructions from Kyle Mestery, I thought it would be fun to run the latest OVS from source on my compute nodes...
A brief departure from talking IPv6
There is a lot of news surrounding Net Neutrality, and potential repercussions of decisions made by courts, and some players out there that want to grab as much cash as they can, and claim it is in the best interest of their customers.
Netflix is just an example people love citing because it is bandwidth intensive, yet is not the entire story itself. Take a moment and understand how the Internet is pieced together. The Internet is a mass of interconnections between networks. These interconnections happen basically 1 of 3 ways:
transit: network A pays network B to reach every other network that isn’t A or B. Good networks usually get multiple transits for failover, and/or alternate paths to those other networks. You can buy multiple ports for bonding to increase capacity, etc. Average transit price without a Service Level Agreement (SLA, guaranteed connectivity or you can yell at us a lot and we credit you) is around $1-2/mbit, and with a SLA can hit upwards of $10/mbit. These are current avg. prices when buying 10G at a time of connectivity/capacity right now.
peering (settlement free, or “free”): Network A spends a bunch of money to get into popular Continue reading
Large flow marking using hybrid OpenFlow
 |
| Figure 1: Marking large flows |
 |
| Figure 2: Large flow marking controller results |
ping -f 10.0.0.238 -s 1400Figure 2 shows the results, the left half of the chart shows traffic when the controller is disabled and the right half shows traffic when the controller is enabled. The blue line trends the largest unmarked flow seen in the network and the gold line shows the largest marked flow. When controller is disabled, none of the traffic is marked. When the controller is enabled, sFlow-RT detects the large flow Continue reading
Using the latest Open vSwitch with Devstack and OpenDaylight
While setting up my OpenDaylight OVSDB and Devstack following the awesome instructions from Kyle Mestery, I thought it would be fun to run the latest OVS from source on my compute nodes...
Cisco ACI – Speculation of its Inner Workings
Last week I was at a Cisco users group meeting where some sales engineers were giving a presentation on the new Application Centric Infrastructure (ACI) architecture and Nexus 9000 products. It was a very high-level overview, but it was interesting. I had assumed when Cisco made the ACI announcement that it would be based on […]
Author information
The post Cisco ACI – Speculation of its Inner Workings appeared first on Packet Pushers Podcast and was written by Eric Flores.
Why We Need to Learn During Weekend
We are group of design architects/consultants who do network design in daily basis. We are spread in different countries across Asia, Europe and Middle East. We happen to have CCDE certification too. And all of us have the same dream to build the community filled up with real design experts, those who actually do design work to solve real world's network design problems. And we want to teach real design skills based on our experiences. To help those who want to become the next design architects/consultants, or to pass CCDE exam. To achieve this, we conduct design expert workshop in various locations, during the weekend.Wait. What?
Why do we need to learn during the weekend?
It might be a good workshop. It might be an opportunity to hear real world's network design examples. It might be a good chance to meet another design professionals.
But come on, attending technical workshop during the weekend?
I hear you. I know how it feels.
After long hours of work during weekday, we deserve our weekend. When we need to learn something related to work, we should do it during workday. When we need to learn design, we can ask the company to Continue reading
sFlow leads convergence of multi-vendor application, server, and network performance management
 |
| Figure 1: Best of Velocity 2012, The sFlow Standard |
Figure 1 shows the strategic role that ADCs (load balancers) play in controlling the flow of application requests, regulating admission, filtering, directing loads, and virtualizing services. RESTful control of ADCs combined with real-time visibility provides a powerful capability for flexing resources as demand changes, reducing costs and increasing performance as resources are closely matched to workloads.
What is unusual about diagram is the inclusion of the network. Application architects often give little thought to the network since its complexity is conveniently hidden behind APIs. Unfortunately, it is in the Continue reading
Show 175 Dying Desktops, Insecure Firewalls, Networking The Internet of Things
This week Greg and Ethan go back and forth on a bunch of current happenings. Data Networking is full of releases, updates and progress. In 80 minutes we will discuss the topics that look important to us.
Author information
The post Show 175 Dying Desktops, Insecure Firewalls, Networking The Internet of Things appeared first on Packet Pushers Podcast and was written by Greg Ferro.
CEF Secret Attributes, Part 2
In Part 1 we saw there were three markings that can be potentially applied to a prefix in CEF. They are the Precedence, qos-group and traffic_index. It’s unfortunate these terms were used because we also find that we are marking prefixes in CEF, not packets, so these terms don’t perfectly map to our traditional sense […]
Author information
The post CEF Secret Attributes, Part 2 appeared first on Packet Pushers Podcast and was written by Dan Massameno.
Overhauling PacketLife.net for 2014
Regular readers no doubt have noticed that I haven't posted anything new in the past few months. I've been pretty busy with the holidays, home projects, and adjusting to a new job, and haven't had much time or motivation to devote to writing. Good news though: I have started on a long-overdue refresh of the Packet Life design and code base.
When I originally debuted Packet Life, I ultimately wanted it to serve as major community hub, so I built in features like the wiki and discussion forum. Although Packet Life has grown quite popular over the last few years, these areas of the site have seen little activity. Acknowledging that there are more active and useful sites out there which serve these functions, I've decided to chop off some of the bloat in favor of focusing on the blog and the site's other more popular features.
Here's the fate I've outlined for each function of the site:
Blog: The blog is the heart of the site and will remain mostly unchanged, albeit refreshed and optimized. I'm considering allow guest posts but haven't committed to the idea.
Lab: No, there are no plans to bring the community lab back online Continue reading
IPv6 Anycast Address type
How does the internet work - We know what is networking
IPv6 Anycast Address As the name says it’s an address that can exist more than once anywhere in the network. It is maybe better to say that it can exist in multiple places all over the Internet. This kind of address is basically enabling us to have servers and services physically closer to us as […]
Microloop!
Don’t look now, but you have microloops. How do I know? Because virtually every network with rings larger than three hops, running a link state protocol, will develop a microloop during normal convergence. Okay, so what’s a microloop, and how dangerous is it? Let’s figure this out looking at the (now rather standard) five router […]
Author information
Packet Design Named Top Customer Experience by SAP
This item has no description. Follow link to view item.The Journey Starts 2014 – CCIE Security – Blog Post1
Well it is time to buckle down and make it happen in 2014. The goal is to become a dual CCIE by the end of 2014. I have previously passed the CCIE Sec written in version 3 but I did not have the time to actually sit for the lab and I also wanted to refresh to the latest version of the track. That said I am taking a small step back to refresh and reinforce the theory. The plan is to go through the NP Security track while labbing but also taking the respective NP exam followed by the written and then ultimately sit for the lab.Here is the order as it stands today:
- 642-627 IPS - Implementing Cisco Intrusion Prevention System
- 642-618 FIREWALL - Deploying Cisco ASA Firewall Solutions
- 642-648 VPN - Deploying Cisco ASA VPN Solutions
- 642-637 SECURE - Securing Networks with Cisco Routers and Switches
- ISE and WSA
- CCIE Written
- CCIE Lab
The primary partner that I am leveraging is CiscoPress and Cisco Docs for the theory and iPexpert for all the heavy labbing.
The great thing about this journey is that I already eat, sleep, and breath Cisco .:|:.:|:.
Twitter: FE80CC1E
Physical switch hybrid OpenFlow example
 |
| Figure 1: Controller using HTTP / REST API |
 |
| Figure 2: Performance aware software defined networking |
 |
| Figure 3: OmniSwitch controller using hybrid OpenFlow |
 |
| Figure Continue reading |
DEW: MPLS/Tunneling Design in Dubai!
Update: I received lots of request to reduce the fee. After considering it, I decided to create "DEW - No Frills". The fee is now 30% lower but please don't expect fancy hotel meeting room, no lunch included, no coffee break, no print out, no notebook or other gift to attendees. It will be only geeks in a room discussing network design.After the first Design Expert Weekend in Riyadh focusing on IPv4/IPv6 Routing Design, the second DEW will be held in Dubai, UAE, for MPLS/Tunneling Design.
What:
Design Expert Weekend in Dubai on 24-25 January will focus on MPLS/Tunneling Design. Agenda will cover:
- MPLS Refresh
- MPLS L3VPN Design
- MPLS L2VPN Design
- MPLS VPN Inter-AS
- MPLS Traffic Engineering
- MPLS VPN Resiliency
- IPv6 over MPLS
- Other non-MPLS Tunneling: GRE, L2TPv3, IPSec, DMVPN, IPv6 Tunneling
- CCDE exam tips and tricks
- CCDE sample questions and scenario to practice ability to analyze design requirements, develop network designs, implement network design, validate and optimize network design
The other two DEW are held in separate session:
DEW:Routing Design (IGP IPv4/IPv6, BGP, scaling, inter-AS, HA, and include PIM, ASM, SSM Multicast)
DEW:SP Design (Physical, L2, IGP/BGP/MPLS/PIM Continue reading
New Opportunity at Red Hat
Exciting times are upon us. I have humbly accepted a job at Red Hat on the Open Daylight dev team working with some incredible people at Red Hat and just as special folks in the community. I just wanted to pop up a brief post letting my friends in the community know where I am heading. I will miss my ......
Alcatel-Lucent OmniSwitch analytics driven control
Performance Aware SDN describes the theory behind analytics driven orchestration. The talk describes how fast controller response, programmatic configuration interfaces and consistent instrumentation of all the elements being orchestrated are pre-requisites for feedback control.This article uses an Alcatel-Lucent OmniSwitch 6900 as an example. The switch has hardware sFlow support for line rate visibility on all ports, and support for OpenFlow and a RESTful configuration API to deploy control actions. In this example a basic DDoS mitigation filtering function will be triggered when large flood attacks are detected. The script is based on the version described in the article Integrated hybrid OpenFlow, but modified to use the OmniSwitch RESTful API.
