I previously wrote a post in response to an article that equated Snowden’s CEH certification to James Bond’s “license to kill.” Well, it looks like some technically-challenged media types are at it again. They’ve called Snowden “brilliant” for his ability to “impersonate” users on various systems in order to obtain certain documents and I felt […]
The post More Snowden Media Douchebaggery appeared first on Packet Pushers Podcast and was written by Mrs. Y.
For organizations that have many remote offices a DMVPN solution is a great option. You can purchase a cheap DSL or cable modem based solution then establish a dynamically built encrypted tunnel back to the corporate office or Data Center(s). The hubs should be located in a DMZ behind a firewall at the Data Center […]
The post Securing a DMVPN spoke – Part 1 appeared first on Packet Pushers Podcast and was written by Charles Galler.
When planning your career you need to make several path choices. A career direction, the right attitude, respect for co-workers are all easy. Some people forget that everyday work is part of taking a single step down that path, tomorrow you will take another couple of steps and again the day after. But some people […]
The post You Don’t Have To Hit The Ball Out Of The Park To Hit A Home Run appeared first on Packet Pushers Podcast and was written by Greg Ferro.
DNS needs no introduction in today’s inter-networked, connected world. Though it could be a service the end-users are least aware of, it is one that the network administrator needs to keep an eye on and requires constant monitoring and management to ensure uptime and connectivity. It is DNS servers that help with resolving those easy-to-remember […]
The post Turning BIND DNS Management Into A Walk In The Park appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.
The fight for control between sysadmin and network admin has been going on for decades but the boundary line had been pretty static. Anything that ran a full OS and was a end node was is a server is under server ops while anything that connected the servers together was a network device and was under the control of network operations.
If you look at the progression of the two side through the last two decades, you will realize that the server and server OS have gone through change after change with new software packaging system, virtualization, density of servers per rack, and so on while the networking technology has remained pretty static other than speed and feeds and some tagging protocols. While the server admin kept reinventing himself through open source, virtualization, six nine uptime, the network got split into three distinct category (forgive me Gartner for gross simplification):
How does the internet work - We know what is networking
There are different documents and books which are claiming that Administrative distance for static routes configured using exit interface is 1 and for the static route configured using next-hop IP address Administrative distance is 0. R1(config)#ip route 20.0.0.0 255.255.255.0 10.10.2.1 R1(config)#ip route 20.0.0.0 255.255.255.0 fastEthernet 0/0 This is not true. Both of them are having AD […]
How does the internet work - We know what is networking
There were a bit of confusion in my head about this case. It was not clear to me what is the difference between setting the static route using next hop interface IP address or using exit interface syntax. It seems that both methods are the same and that you have basically two different ways to […]
Difference between defining static routes with next-hop address or exit interface
It’s easy to get upset when that cool new project you wanted is outsourced to an external VAR. The conversation usually goes something like, “You know the existing network and services really well so we’re going keep focused there. We’re going to engage ACME systems integrators for ‘project awesome’ and get them to give that […]
The post Why ‘your’ project was outsourced appeared first on Packet Pushers Podcast and was written by John Harrington.
Your company uses multi-vendor routing platforms (Cisco and Juniper) and has multiple sites connected via MPLS from a service provider. Each remote site has a GRE tunnel with the Headquarter (HQ) and a BGP session over this tunnel. After some security change in the network, sites that are Juniper-based behave differently than the Cisco-based ones, creating outage for the customer. What's wrong?
Noticed this weekend that I couldn’t respond to emails on my personal hosted domains. I thought at first first they changed my PD prefix, but it was up to date in Postfix. Tried submission port and it worked just fine. So looks like Comcast finally caught up with “feature parity” in disallowing outbound SMTP connections on TCP 25.
I’ve been in tech for several years. Over time, I’ve configured things that I’m proud of and I’ve built things that I’m not so proud of. Most of the things that I’m less proud of involve unnecessary or unwarranted complexity that has created operational challenges. In some cases this was a result of a small […]
The post Balancing Complexity and Simplicity appeared first on Packet Pushers Podcast and was written by Paul Stewart.
A welcome return to the Packet Pushers of old where we get where we get a bunch of engineers around the table to generally poke sticks into a box of networking problems and laugh at the noises. Topics What VMware do with networking at VMworld Mentoring in the Day Job – how and what you do to […]
The post Show 159 – Finding a Way To Test It appeared first on Packet Pushers Podcast and was written by Greg Ferro.
In the last post in this series, I spent some time talking about the process of detecting a link failure (given down detection is always the more important issue in fast convergence); let’s continue by looking at notification. If a router discovers a down link, or a down neighbor, how does it tell all the […]
Let’s step back for a minute. So far in this series of blog posts on DCI, I’ve been focusing on extending the Layer 2 domain between data centers with the goal of supporting hot migrations — ie, moving a virtual machine between sites while it’s online and servicing users.
Is that the only objective with DCI?
Well if it was, there wouldn’t be a need for this blog post :-) Cold migrations have valid use cases too. Cold migrations occur when the virtual machine is shut down in one site and then booted in a new site. As part of that operation, typically an orchestration layer (such as VMware’s Site Recovery Manager) will poke and prod the VM to make it ready for operation in the new site. Most notably, it takes care of changing the VM’s IP address and default gateway.
Cold migrations do not have a requirement for the same IP subnet in both sites. This is because there’s no need to maintain active user sessions during the migration. Different IP subnets in the sites means no stretched Layer 2 which means no risk of combining failure domains!
What if that orchestration layer didn’t have to poke Continue reading
Let's step back for a minute. So far in this series of blog posts on DCI, I've been focusing on extending the Layer 2 domain between data centers with the goal of supporting hot migrations — ie, moving a virtual machine between sites while it's online and servicing users.
Is that the only objective with DCI?
Willkommen, bienvenue, welcome! Meine Damen und Herren, Mesdames et Messieurs, Ladies and Gentlemen. Introducing the latest installment in that grand epic known as Healthy Paranoia. Where the nerds are a little nerdier, and the evil bit is always set on your packets. In this episode, we help launch the very first Security Oktoberfest, aka BSides DC. […]
The post Healthy Paranoia Show 16: BSides DC Oktoberfest! appeared first on Packet Pushers Podcast and was written by Mrs. Y.
I was watching a movie the other night with my wife and decided to hop on memegenerator.net and play around with memes. Thought I’d share my creations.