Category Archives for "Networking"

DMVPN animation

Here is an interactive animation of DMVPN (Dynamic Multipoint VPN), followed by a detailed offline lab (a snapshot of the topology under test with hopefully all commands needed for analysis and study). Finally, check your understanding of the fundamental concepts by taking a small quiz. Studied topology: Animation Offline Lab You might consider the following […]

Running around HTTP firewalls

When I was in 6th form and I wanted to get SSH access to my own systems, I had quite a few issues doing so, since port 22 was blocked and just about every other port was. For the first year that was fine, however since

Playing with the new HP SDN Controller – including getting started guide with Open vSwitch in GNS3

So, HP made one of its significant moves last November (2013) with the first public release of their OpenFlow-based SDN VAN Controller 2.0. And because you can download it for free as a 60-day trial in the form of an Ubuntu package, I wanted to create a nice environment for myself where I can play with it and some OpenFlow-enabled switches effectively. I achieved this using the good old GNS3 simulator and importing VirtualBox Linux hosts there: one for the SDN controller running on an Ubuntu system, and several small Debian systems running Open vSwitch that will act as OpenFlow SDN switches.

Target solution of this GUIDE:

So let's make this article organized: first, what is our target? We want to have two VirtualBox systems ready:

  1. Ubuntu with HP SDN Controller 2.0 installed
  2. Open vSwitch in OpenFlow mode running on Debian (controlled by the HP SDN controller)

And we want it all inside GNS3 to be able to play in a virtual environment anytime. The two Cisco routers are actually only simulating end PCs […]

The NSA, surveillance, and Call Records

First off, let me be very clear. I do *not* condone placing backdoors into critical infrastructure such as firewalls and routers. This post is about the packets themselves, and capturing only what is legally allowed. I believe the NSA has the legal right (and the mandate) to do much of what they are currently doing, […]

Author information

Ken Matlock

Ken Matlock is a networking veteran of 19 years. He has worked in many fields in the networking industry including Service Provider, Retail, and Healthcare. When he's not fixing the problems of the networking world, he can be found studying for his CCIE, spending time with his family, and trying to chase the ever-elusive sleep.

He can be found on Twitter @KenMatlock, email at [email protected], irc.freenode.net #PacketPushers, or the occasional blog or forum post.

The post The NSA, surveillance, and Call Records appeared first on Packet Pushers Podcast and was written by Ken Matlock.

Show 174 – War Stories From the Hot Aisle: The Nightmare Before Christmas, Part 2

“Everything is down! The whole network!! RUN AWAY, RUN AWAY!” Yes, we’ve all had those terrible days in networking, where no one can get to anything & it’s all up to you to get it fixed. At least management is there to help, stomping their feet, making demands, and whining about the dollars lost per […]

Author information

Ethan Banks

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 2M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post Show 174 – War Stories From the Hot Aisle: The Nightmare Before Christmas, Part 2 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Maximally Redundant Trees

We’ve come almost to the end of our little series on fast reroute; in this episode we’ll look at maximally redundant trees (MRTs) — this episode is going to be a little “graphy,” so get your seatbelts on. The general idea behind IP fast reroute is to precalculate a set of alternate paths that can […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. He recently published The Art of Network Architecture, is currently working on a new book in the area […]

2013 Recap and 2014 Goals

Wow - this one snuck up on me. Seriously, when I think of how 2013 went, I’m amazed at how much happened this year but also how fast it flew by. As per the tradition I started last year, I thought it prudent to write a post summarizing how terribly I was able to forecast 2013 in terms of personal goals, and make another feeble attempt at planning out 2014.

2013 End of Year Blog Statistics

I debated whether to write an article like this. It seems to be the “in vogue” thing to do if you’re a blog author but I wasn’t inclined to do it until I started looking at the data (I heart data). When I started looking at the data, I saw not only number of visitors and so on to the blog, but a breakdown of browser versions and operating systems (thank you Google Analytics for the rich reports). As is often the case, your data set can tell you more than you initially bargained on.

All of the reports below are comparing year-over-year stats: Jan 1 2012 – Dec 29 2012 vs Jan 1 2013 – Dec 29 2013.

First, the overall picture of visits to the blog:

[Image: 2013 overall stats]

38% more overall visitors and 53% more unique visitors in 2013. Pretty cool! And over 58 thousand people put eyes on my blog in the past year. That’s something I hope to build on in 2014.

The first unexpected data point I saw is that in 2013, the blog saw more new visitors than in 2012. That means the readership is expanding to include new people which is excellent.

[Image: 2013 new vs. returning visitors]

Next up […]

Automatic host availability check

From version 0.9 on there is an option to automatically check the status of configured hosts for selected subnets. I received some related questions about it, so here is a short description and guide for it.

Firstly, pcntl support for PHP CLI is advised so phpipam can do parallel ICMP checks; this greatly reduces the time required for checking status. You can check if your installation is OK with the following command:

php -m | grep pcntl

1.) Configure the parameters for pinging

You should set the required parameters for pinging (ping path, etc.) under

functions/scan/config-scan.php

You can get your ping path by invoking “whereis ping” in a terminal.
You can also set some optional parameters in the script itself:

functions/scripts/pingCheck.php

Also, set the time parameters for status under Administration > IPAM settings (Ping status intervals); phpipam will set a host as down/up based on these values.

2.) Select which networks to check

Now you have to select which subnets should be scanned for the status of configured hosts. Go to edit subnet and check “Check hosts status”. This will tell the cron script to check the status of hosts inside this subnet.

3.) Add cron script

I suggest checking […]

Not Another CCDE Study Group

The world needs more network design experts.

That's what I believe. That's what I see.
I will not call myself a design expert. But I've been traveling intensively the past 6 months, meeting different customers in different countries, to conduct design workshops in multiple projects. I may not be the best but it seems like not many people can do what I do. Or are willing to do what I do. Or a combination of both.

No certification program can make you a design expert. Not even CCDE. You need all of the following three instead:
1. Network
2. Skills
3. Experience

Network or strong connection to many subject matter experts is crucial because I don't know anyone who is an expert in all the technologies and in different vertical industries. You need to know whom to ask. An expert is not the one who knows all the answers, but the one who knows how to find the answers.

Experience doing various design work can't be replaced with any certification. Experience to lead design workshop can't be tested in the exam. Experience to capture customer requirement, to present the proposed solution, and to defend it, is very difficult to be simulated […]

A Christmas Binary Miracle

My brother got a little puzzle in his stocking this Christmas. It was a little cardboard booklet, and on each page was written a block of numbers, like so:

BLOCK ONE
1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63

BLOCK TWO
2 3 6 7 10 11 14 15 18 19 22 23 26 27 30 31 34 35 38 39 42 43 46 47 50 51 54 55 58 59 62 63

BLOCK THREE
4 5 6 7 12 13 14 15 20 21 22 23 28 29 30 31 36 37 38 39 44 45 46 47 52 53 54 55 60 61 62 63

BLOCK FOUR
8 9 10 11 12 13 14 15 24 25 26 27 28 29 30 31 40 41 42 43 44 45 46 47 56 57 58 59 60 61 62 63

BLOCK FIVE
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

BLOCK […]

Show 173 – War Stories From The Hot Aisle: The Nightmare Before Christmas, Part 1

“Everything is down! The whole network!! RUN AWAY, RUN AWAY!” Yes, we’ve all had those terrible days in networking, where no one can get to anything & it’s all up to you to get it fixed. At least management is there to help, stomping their feet, making demands, and whining about the dollars lost per […]

The post Show 173 – War Stories From The Hot Aisle: The Nightmare Before Christmas, Part 1 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Healthy Paranoia Show 20: SDN – Heretic of Security

The known universe has been ruled by the monolithic network device. In this time, the most precious substance in the Universe is the ASIC. The ASIC extends life. The ASIC expands consciousness. The ASIC is vital, it provides the ability to fold space. That is, travel to any part of the network. The ASIC exists […]

Author information

Mrs. Y

Snarkitecht at Island of Misfit Toys

Mrs. Y is a recovering Unix engineer working in network security. Also the host of Healthy Paranoia and official nerd hunter. She likes long walks in hubsites, traveling to security conferences and spending time in the Bat Cave. Sincerely believes that every problem can be solved with a "for" loop. When not blogging or podcasting, can be found using up her 15 minutes in the Twittersphere or Google+ as @MrsYisWhy.

The post Healthy Paranoia Show 20: SDN – Heretic of Security appeared first on Packet Pushers Podcast and was written by Mrs. Y.

Design Expert Weekend – 5W1H

This post is related to my new initiative called Design Expert Weekend.
The pilot workshop for DEW: IPv4/IPv6 Routing Design, will be held in Olaya, Riyadh, on Friday-Saturday 3-4 January 2014.

What:
Design Expert Weekend in Riyadh on 3-4 January will focus on IPv4/IPv6 Routing Design. Agenda will cover:

- IGP IPv4 and IPv6 Design (OSPF, ISIS, EIGRP)
- BGP Design
- Routing scalability and Inter-AS
- Traffic Engineering
- Routing Fast Convergence and High Availability
- Multicast Routing Design
- CCDE exam tips and tricks
- CCDE sample questions and scenario to practice ability to analyze design requirements, develop network designs, implement network design, validate and optimize network design

The other two DEWs will be held in separate sessions:
DEW: Tunneling Design (MPLS-based L3VPN/L2VPN, tunnel protection/MPLS TE, other tunnelling including IPv6 transition)
DEW: SP Design (Physical, L2, IGP/BGP/MPLS/PIM as transport, MPLS-based services, Internet, IPTV, HA, QoS, security, management)

Why:
To help network engineers to gain real design skills. DEW can help with CCDE exam preparation, and beyond.
Our main goal is not to make you certified. But to give the real knowledge. The real skills. Then, to be certified or not is your decision, not ours.

Who:
Any network engineers/architects who […]

Fast Reroute Mechanisms

Network reliability is an important measure for deployability of sensitive applications. When a link, node or SRLG failure occurs in a routed network, there is inevitably a period of disruption to the delivery of traffic until the network reconverges on the new topology. Fast reaction is essential for the failed element. There are two approaches […]

Author information

Orhan Ergun

Orhan Ergun, CCIE, CCDE, is a network architect mostly focused on service providers, data centers, virtualization and security.

He has more than 10 years in IT, and has worked on many network design and deployment projects.

In addition, Orhan is a:

Blogger at Network Computing.
Blogger and podcaster at Packet Pushers.
Manager of Google CCDE Group.
On Twitter @OrhanErgunCCDE

The post Fast Reroute Mechanisms appeared first on Packet Pushers Podcast and was written by Orhan Ergun.

How portable is your network operating system?

Conversations are swirling throughout the tech industry about whether white box switches are disrupting the networking industry, similarly to how white box manufacturers helped commoditize the server industry. If this recent InfoWorld article is not enough to persuade you, consider that even John Chambers himself has recently chimed in on the threat of white boxes eroding Cisco’s margins.

The idea of white box switching from a Pica8 perspective is to help create an operating abstraction between the “metal” (in our case white box switches from original device manufacturers, or ODMs) and the network operating system (OS) itself. When that’s created, you have a degree of OS portability.

In a typical first meeting with a prospect, we frequently get asked if they can port a version of our OS on their existing Cisco switches. At first blush, it makes sense but let’s examine the three key issues that need to be addressed to truly […]