Archive

Category Archives for "Networking"

The Only Two Ok Responses to Valid Feedback

Earlier this week, I wrote over on the Plexxi blog that the most important thing to look for in a potential new hire is coachability. If being coachable is the most important contributor to sustained long-term growth in employees, then how do you make yourself more coachable? There are countless tips and tricks to being […]

Author information

The post The Only Two Ok Responses to Valid Feedback appeared first on Packet Pushers Podcast and was written by Michael Bushong.

Show 158 – Avaya – Software Defined Data Centre & Fabric Connect

We’ve done many podcasts now on Software Defined Whatever. Most of those shows are focused on diving deep into SDN technology and how protocols such as OpenFlow are meant to work. Let’s face it - this is fascinating stuff to a bunch of engineers. But over and beyond just being cool technology – SDN must solve a problem.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Show 158 – Avaya – Software Defined Data Centre & Fabric Connect appeared first on Packet Pushers Podcast and was written by Greg Ferro.

To Sit or Stand?

Unless you’ve been living under a rock for the last couple of years, I’m sure you’ve read the articles about how bad prolonged sitting is for your health. If you sit for a major part of your day (at work, in traffic and at home), your risk of diabetes and heart disease is doubled. The […]

Author information

Mrs. Y

Snarkitecht at Island of Misfit Toys

Mrs. Y is a recovering Unix engineer working in network security. Also the host of Healthy Paranoia and official nerd hunter. She likes long walks in hubsites, traveling to security conferences and spending time in the Bat Cave. Sincerely believes that every problem can be solved with a "for" loop. When not blogging or podcasting, can be found using up her 15 minutes in the Twittersphere or Google+ as @MrsYisWhy.

The post To Sit or Stand? appeared first on Packet Pushers Podcast and was written by Mrs. Y.

IPv6 Implementation beyond theory & How playing with RA messages may be issue-istic

How does the internet work - We know what is networking

Some of this things I read in books and some of them took me few days of troubleshooting and sweating to get to them so I give them for free here to save you fellow networker some time: SLAAC The mighty SLAAC is the prefered method of IPv6 allocation, but is it so mighty? Or it […]

IPv6 Implementation beyond theory & How playing with RA messages may be issue-istic

Networking Field Day 6

I’ll be attending Networking Field Day 6 in San Jose, CA from September 11 - 13th. I am both honored and humbled to be a part of this event, and I am counting the days until my flight leaves for Silicon Valley. I love the area in general, as I’ve been there several times now - but having the privilege to go back for something like Networking Field Day is truly exciting.

Networking Field Day 6

I’ll be attending Networking Field Day 6 in San Jose, CA from September 11 - 13th. I am both honored and humbled to be a part of this event, and I am counting the days until my flight leaves for Silicon Valley. I love the area in general, as I’ve been there several times now - but having the privilege to go back for something like Networking Field Day is truly exciting.

RSVP Per Flow Limit and RSVP Call Rate

When configuring RSVP, the “ip rsvp bandwidth (bandwidth) [per flow limit]” command there is an optional parameter which limits the per flow bandwidth of individual RSVP reservation.  When using Call Admission Control for VoIP, that is the rate of an individual voice call in one direction, but the behavior is not as clear cut as it seems.

This feature was added to prevent other application from reserving all of interface’s reservable bandwidth.  If a video application uses RSVP within the network, it can take up majority of the reservation with a single video call.  For example if the smallest interface only has 500 kbps RSVP bandwidth and a video conference request all 500 kbps, no voice calls will be allowed through. Per flow limit wouldn’t allow one reservation to request all of the bandwidth. There are other methods to limit other application’s ability to reserve bandwidth with a more granular method using a RSVP local policy.

The actual VoIP rate is depended on many factors such as codec, sampling rate and header overhead.[1] The most common codec is either G.711 or G.729. For the G.711 codec, the IP rate is 80 Continue reading

How Fast is Fast?

“How fast is fast?” In the “bad old days,” when routing protocols were young, and we still shot NERF guns at one another in TAC, IGRP was a going concern (not EIGRP, IGRP!). IGRP holds the distinction of being the slowest converging routing protocol (with default timers) ever deployed in real networks. How slow is […]

Author information

Russ White

Russ White
Principle Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, is currently working on a new book in Continue reading

There’s No Stupid Question, But…

While I’m a big proponent of people asking questions, there are a few considerations that I’d like to address. These considerations are not about looking (or sounding) “stupid” or otherwise inhibiting the necessary free flow of information. These points are about the appropriateness and reasons for asking a question or series of questions. This article […]

Author information

Paul Stewart

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With nearly 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems. Paul also writes technical content at PacketU.

The post There’s No Stupid Question, But… appeared first on Packet Pushers Podcast and was written by Paul Stewart.

A Question of DNS Protocols

One of the most prominent denial of service attacks in recent months was one that occurred in March 2013, launched against Spamhaus and Cloudflare. With a peak volume of attack traffic of some 120Gbps, it was a very significant attack. How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time on the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack?

Using Deny ACEs in your PBR ACL on your Nexus 7k

Quite a while ago I had a need for some network duct tape… Policy Based Routing while useful should only IMHO be used as a temporary fix. But as you know, temporary things soon become part of production and they end up staying around far too long. But I digress. I had a need for some PBR, but soon found out that NX-OS had no support for deny entries in your ACL. This can pose an issue depending on the amount of destinations needed. Mine needed to match everything on the internet, minus RFC1918, and some internal VPN routes and such. Over time, I ended up having to rewrite this 100 line ACL several times, until I saw that NX-OS 6.1(3) had support for deny statements.

I was so excited, I immediately rewrote my ACL into a very svelte 20 lines including remarks. My change window came, I applied my ACL, and was faced with an error message. Luckily, I quickly figured out that we need to enable the ability to use denies.

nexus-7010(config)# hardware access-list allow deny ace

Honestly, I just wanted to get this bit of info out there as I haven’t really seen information on it. Continue reading

RSVP Bandwidth on DMVPN Tunnels

Configuring RSVP on DMVPN mGRE tunnels requires few extra steps and a little bit of calculations to figure out the additional overhead. Without correctly configured overhead, the mismatch between RSVP and available LLQ bandwidth can cause degraded VoIP call performance.

Tunnel Bandwidth

By default, the bandwidth value on the tunnel interfaces is set to a low value. Older IOS versions use 8 Kbps while some of the newer IOS versions use 100 Kbps. The idea behind setting such a low bandwidth value is to make it less preferred by routing protocols like EIGRP and OSPF that rely on bandwidth for metric calculation to prevent recursive routing.

A low bandwidth value set on a tunnel interface can cause RSVP problem. If RSVP is enabled on a tunnel interface, by default 75% of its bandwidth is reserved for RSVP. Eight kbps or 100 kbps is too small for any VoIP calls. Ensure that that the correct bandwidth of the underlying physical interface is manually set. It is very easy to miss that Tun2 only have 75 Kbps of reservable bandwidth, while Gi0/2 has 75 Mbps.

b-ro02#sh ip rsvp interface
interface    rsvp  allocated  i/f max  flow max sub max  VRF
Gi0/0        ena   0          Continue reading

Making RSVP work over DVMPN

When using RSVP Call Admission Control (CAC) for VoIP, DMVPN and RSVP have limitations that prevent RSVP from working over DMVPN. If you have VoIP and you can’t use location based CAC, RSVP is the only answers. So what’s the problem with RSVP over DMVPN? The root of the problem is RSVP’s loop prevention mechanism. In this post I’ll describe an original solutions to make RSVP CAC work over DMVPN.

RSVP Split-Horizon on Tunnels

RSVP has a little known behavior used for loop prevention. It is similar to the split-horizon rule of many Distance Vector routing protocols and is described in RFC2205:

“[S]tate that is received through a particular interface must never be forwarded out the same interface.” [1]

When RSVP is set to be mandatory for call setup between two locations, RSVP has to successfully establish a reservation for each one way RTP audio stream. That reservation is done by voice gateways acting as the RSVP agents for IP phones. IP phones do not have RSVP running, but rely on voice gateways for that functionality.

Normally, when using DMVPN Phase 3, the initial packets sent between two spoke sites, match a route with the next-hop of the Continue reading

Benchmarking: Be Mindful Where You Set the Bar

At many fast-growing companies, there is a an organizational phenomenon that takes root as the middle management ranks swell. Early on, titles are handed out with thoughtful precision. The Director title, for instance, is held by folks who have demonstrated long-term value. Over time though, the company changes. It usually starts with an outside hire […]

Author information

The post Benchmarking: Be Mindful Where You Set the Bar appeared first on Packet Pushers Podcast and was written by Michael Bushong.

From SMB to Enterprise: Taking the Leap

After working in small business IT for over a decade, I made the leap to a large healthcare enterprise. Although I had been very successful in providing solutions in the SMB space, I didn’t know how well my skill set would transfer into a larger environment. Three years into my experience in the enterprise, I’ve […]

Author information

Eyvonne Sharp

Eyvonne Sharp

Eyvonne Sharp is a senior network engineer for a large healthcare enterprise where her focus is security and data center architecture. Before working in the enterprise, she spent 10 years working for small VARs and integrators in the SMB space. Eyvonne blogs at esharp.net and you can connect with her on twitter @SharpNetwork

The post From SMB to Enterprise: Taking the Leap appeared first on Packet Pushers Podcast and was written by Eyvonne Sharp.

Network Virtualization Gets Physical

Network virtualization, as others have noted, is now well past the hype stage and in serious production deployments. One factor that has facilitated the adoption of network virtualization is the ease with which it can be incrementally deployed. In a typical data center, the necessary infrastructure is already in place. Servers are interconnected by a physical network that already meets the basic requirements for network virtualization: providing IP connectivity between the physical servers. And the servers are themselves virtualized, providing the ideal insertion point for network virtualization: the vswitch (virtual switch). Because the vswitch is the first hop in the data path for every packet that enters or leaves a VM, it’s the natural place to implement the data plane for network virtualization. This is the approach taken by VMware (and by Nicira before we were part of VMware) to enable network virtualization, and it forms the basis for our current deployments.

In typical data centers, however, not every machine is virtualized. “Bare metal” servers — that is, unvirtualized, or physical machines — are a fact of life in most real data centers. Sometimes they are present because they run software that is not easily virtualized, or because of Continue reading

Speaker for the Dead – Privacy and Trust

This series of articles allows me to play the part of a ‘Speaker for the Dead’ for technology that has or is becoming ‘end of life’ or legacy and/or irrelevant (or which should be). In this article, the subject isn’t a specific technology or protocol although technology has brought about it’s demise; it’s something far […]

Author information

Steven Iveson

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 15 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books and is a regular contributor at DevCentral.

The post Speaker for the Dead – Privacy and Trust appeared first on Packet Pushers Podcast and was written by Steven Iveson.

Why We Do Packet Pushers – Email From a Listener

I got this email from Joel which made my day. It is email like this that keep us motivated and feel that Ethan & I are creating something worthwhile. Sometimes ‘packet pushing’ is just a lot of work, sometimes it is great fun, sometime we make a bit of money from sponsors too. But knowing […]

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Why We Do Packet Pushers – Email From a Listener appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Flow

Have you ever struggled to explain to your parents or friends why you still study technical topics at night? It can be frustrating trying to explain to these people why you do what you do. Let’s be honest, it’s hard to explain ‘why’ to ourselves, never mind explain it to others. I have found a […]

Author information

John Harrington

John is an experienced data center engineer with a background in mobile telecoms. He works as a network test engineer for a large cloud service provider, and is gradually accepting that he's a nerd. He blogs about network technology and careers at theNetworkSherpa.com. You can reach him on twitter at: @networksherpa

The post Flow appeared first on Packet Pushers Podcast and was written by John Harrington.