Networking Archives - Page 3351 of 3423

Default CoS Value in Netapp Cluster Mode

I was troubleshooting an MTU related issue for NFS connectivity in a Flexpod (Cisco UCS, Cisco Nexus, and Netapp storage with VMware vSphere, running the Nexus 1000v). Regular-sized frames were making it through, but not jumbo frames. I ensured the endpoints were set up correctly, then moved inwards….in my experience, the problem is usually there. The original design basically included the use of CoS tag 2 for all NFS traffic, so that it could be honored throughout the network, and given jumbo frames treatment.

Default CoS Value in Netapp Cluster Mode

Superman, Immortal, Janitor

"What's the difference between Solutions Architect and Technical Leader?"

Someone asked me that question last week. We all know the answer: none. It's just a damn title. Title doesn't matter. It never does. Batman once said: it's not who you are underneath, it's what you do that defines you.

In my current organization, that focuses on consulting services, there is a distinction between Solutions Architect and Technical Leader role in career path for technical person. (Himawan, but you said there is no such thing as career path? Well, let's save the debate for some other time).

As seen in below figure, Network Consulting Engineers (NCE) make progress from level I to level IV, and this is the point where he/she can make decision: either to stick as NCE then becomes Technical Leader someday, or to move to become Solutions Architect. He/she can actually move to any other position across the organization like pre-sales consultant or project manager or business development manager or even accountant! But let's keep the discussion between the path of Technical Leader and Solutions Architect.

So what's the difference between the two then?

Both must have excellent soft skills: communicate effectively, above average presentation skills, team Continue reading

MITM and Routing Security

If the motivation behind the effort behind securing BGP was to allow any BGP speaker to distinguish between routing updates that contained “genuine” routing information and routing updates that contained contrived or false information, then these two reports point out that we’ve fallen short of that target. What’s gone wrong? Why are certain forms of routing Man-In-The-Middle attacks all but undetectable for the RPKI-enabled BGPSEC framework?

The Impact of Software Defined X on a Networking organization

Introduction We’re in one of the most exciting times in data networking. While I’m sure we’re all sick of vendors co-opting technologies in their infancy, there is a lot of good work going on to change the fundamentals of moving data (I shudder to call this a paradigm shift; I’ll save that term for life […]

Author information

Andrew Gallo

Senior Information Systems Engineer

Andrew Gallo is a Washington, DC based Senior Information Systems Engineer
and Network Architect, responsible for design and implementation of the
enterprise network for a large university.

Areas of specialization include the University's wide area connections,
including a 150 kilometer DWDM ring, designing a multicampus routing
policy, and business continuity planning for two online datacenters.

Andrew started during the internet upswing of the mid to late 90s
installing and terminating fiber. As his career progressed, he has had
experience with technologies from FDDI to ATM, and all speeds of Ethernet,
including a recent deployment of several metro area 100Gbps circuits.

Focusing not only on data networks, Andrew has experience in traditional
TDM voice, VoIP, and real-time, unified collaboration technologies.

Areas of interest include optical transport, network virtualization and
software defined networking, and network science and graph Continue reading

On Link in IPv6

As an avid reader of RFCs and RFC drafts, I’m always running across little bits of knowledge I either already knew and forgot (I forget a lot of things), or things I didn’t know and wouldn’t have expected. RFC5942, published way back in 2010 (a long time in network engineering terms), discusses a topic I […]

Author information

Russ White

Principle Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, is currently working on a new book in the area Continue reading

How Does QoS Work?

This sponsored blog post was written by Clark Zoeller, CCIE #13760, Sales Engineer with ActionPacked Networks. Quality of Service (QoS) is a suite of technologies used to manage bandwidth usage as data crosses computer networks. Its most common use is for protection of real-time and high priority data applications. QoS technologies, or tools, each have […]

Author information

Sponsored Blog Posts

The Packet Pushers work with our vendors to present a limited number of sponsored blog posts to our community. This is one. If you're a vendor and think you have some blog content you'd like to sponsor, contact us via [email protected].

The post How Does QoS Work? appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.

Configuring SNMPv3 On NX-OS

We’re currently trying to allow a client to perform an operation using SNMP set commands on a Cisco NX-OS switch (namely a 5548).

It’s possible using SNMPv2c and community strings, but this does not generate a log message, making it completely unaccountable. SNMPv3 seems to have the answer. According to the documentation, it provides:

Integrity
Encryption
Authentication

I’ve tested using a set operation to change a MIB using the following command:

snmpset -v 3 -u test -l authpriv -a MD5 -A Testpass01 -x DES -X Testpass01 hostname system.sysLocation.0 s TESTLOCATION

Which works fine.

However, the problem arises when trying to back off the authentication of the SNMP operation to TACACS/RADIUS. My interpretation of the documentation suggests this is possible. My Cisco SE has not denied it either. However, I reckon some changes need to be made to the authentication server. According to what I’ve read:

You can use the VSA cisco-av-pair on AAA servers to specify user role mapping for the Nexus 5000 Series switch using this format:

shell:roles="roleA roleB ..."

If you do not specify the role option in the cisco-av-pair attribute, the default user role is network-operator.

You can also specify your SNMPv3 authentication and privacy Continue reading

IPv6 at the OECD – A Public Policy Perspective on IPv6

The Organisation for Economic Co-operation and Development, the OECD, is a widely referenced and respected source of objective economic data and comparative studies of national economies and economic performance. The organization has a very impressive track record of high quality research and a justified reputation of excellence in its publications, even with its evident preference for advocating economic reform through open markets and their associated competitive rigors. OECD activities in the past have proved to be instrumental in facilitating change in governmental approaches to common issues that have broad economic and social dimensions. So how does IPv6 fit into this picture of OECD activities?

Converging Skillsets With Technology

I saw this Engineers Unplugged video today and was reminded of a viewpoint I’ve been slowly developing over the last two years or so: Essentially the discussion is about convergence technologies like FCoE, where we rid ourselves of a completely separate network, and converge FC storage traffic onto our standard Ethernet network. With this technology shift, how does this impact the administration of the technology? Do the teams have to converge as well?

Converging Skillsets With Technology

Hardware – Clock and Data Recovery

Clock and data recovery is an essential physical-layer function of modern switch and router hardware. Digging deep into the electronics of a router may not be your thing, but clock recovery is a fundamental building block for other network hardware … Continue reading →

The post Hardware – Clock and Data Recovery appeared first on The Network Sherpa.

IOS and NX-OS Platform Identifiers

I was preparing a presentation the other day about the high level differences between IOS, IOS-XE and NX-OS and one of the things I included in the presentation was the various platform and branch identifiers that’s used in each OS. It’s just a bit of trivia that I thought would be interesting and might come in handy one day. I’m posting the information I collected below so everyone can reference it.

IOS

For IOS, you can see the platform identifier in the filename and the “show version” output. If we take an example version string, 15.1(2)SG2, and break it down, here’s what each digit in the string signifies:

15	.1	(2)	SG	2
Major release number	Minor release number	New feature release number	Branch/train/platform identifier	Maintenance rebuild number

The branch/platform identifier can also be seen in the IOS filename:

cat4500e-entservicesk9-mz.151-2.SG2.bin

Here’s a summary of the branch identifiers in IOS 15:

M/T – 800 Series ISR, ISRg2 (1900, 2900, 3900), Connected Grid Router 2000
S – 7600 Series Router, ME 3600X, ME 3800X
GC – 5900 Series Embedded Router
SE – Catalyst 2960, 3560, 3750, IE 3000 Switches
SG – Catalyst 4500E (Sup 6E and earlier)
Continue reading

Show 171 – Cisco FabricPath Deep Dive Part 2

Cisco FabricPath is a TRILL-based layer 2 forwarding technology that can take the place of spanning-tree. Allowing a fully-meshed layer 2 network to forward traffic across all links, FabricPath helps customers to make the most of their expensive 10GbE and 40GbE interconnects. In this show, Jamie Caesar, Colby Glass, and Ed Diaz discuss real-world FabricPath […]

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 2M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post Show 171 – Cisco FabricPath Deep Dive Part 2 appeared first on Packet Pushers Podcast and was written by Ethan Banks.

IOS and NX-OS Platform Identifiers

I was preparing a presentation the other day about the high level differences between IOS, IOS-XE and NX-OS and one of the things I included in the presentation was the various platform and branch identifiers that's used in each OS. It's just a bit of trivia that I thought would be interesting and might come in handy one day. I'm posting the information I collected below so everyone can reference it.

Installing Pyenv on Mac OSX

When I’m writing code, I’m usually in OSX. When I want to try things out, or check for compatibility between certain versions of Python, it’s handy to have them all accessible… enter Pyenv. Pyenv is based on Rbenv, which for you non-Rubyists is a tools that allows you to set up Ruby environments that are scoped either globally, per-shell or per-folder!

If you aren’t using Homebrew already, which I highly recommend you should, then install it.

ruby -e "$(curl -fsSL https://raw.github.com/mxcl/homebrew/go/install)"

Before you start brewing you should run “brew doctor”. This will check that everything is ok with your installation.

brew doctor

Hopefully you will get a message “Your system is ready to brew”, otherwise doctor brew will oftentimes tell you what to do.

brew install python
brew install pyenv

The above commands will, install homebrew’s Python 2.7 (to replace the system pyhton) and install pyenv. Replacing the system Pyhton fixes issues with needing “sudo” for easy_install and others documented here

Now Pyenv is installed, you should edit your “~/.bash_profile” and add the following:

export PYENV_ROOT=/usr/local/opt/pyenv  
eval "$(pyenv init -)"

This changes the Pyenv root path and makes sure pyenv is initialized.

$SHELL -l

Installing Pyenv on Mac OSX

Bypassing the memory check on a VMware ESXi 5

When my new HP ML10 arrived I was ready to install ESXi… until I realised that my 32GB of RAM wouldn’t be on its way for a week! To get around the memory check in ESXi 5.5, I found the awesome instructions here and with a few tweaks was able to get this working. Here are the 20 steps that I followed…

Boot the system from USB Stick with ESXi installer on it.
Once the installer welcome screen shows up, press ALT+F1
Login as “root”, no password.
cd /usr/lib/vmware/weasel/util
Delete upgrade_precheck .pyc (compiled version)
Move precheck.py to precheck.py.old
cp upgrade_precheck.py.old upgrade_precheck.py
chmod 666 upgrade_precheck.py
vi upgrade_precheck.py
Type “/MEM_MIN” and press ENTER
Press “i” for insert
Edit the line to read “MEM_MIN_SIZE= (1*1024–32)”
Press ESC and then type “:w” and ENTER
Press ESC and then type “:q!” and ENTER
ps -c | grep weasel
Note the process id for “python”
kill –9 /<process_id/>
This put me back at the main screen, but you can jump back pressing ALT+F2 if necessary
Continue the install process
Fin

Bypassing the memory check on a VMware ESXi 5

Installing Pyenv on Mac OSX

« Previous 1 … 3,349 3,350 3,351 3,352 3,353 … 3,423 Next »