Packet Design to sponsor Beer ‘N Gear at NANOG 66
Packet Design to sponsor Beer 'N Gear at NANOG 66, February 9, 2016 in San Diego, CA.
We are sponsoring Beer ‘N Gear at NANOG 67 in Chicago, IL!
Come see us in Chicago, IL during NANOG 67 Beer N' Gear on June 14, 2016.
http://nanog.org/meetings/nanog67/home
Project DEW
I don't want to claim myself as Global Consultant anymore. It seems like many people have problem with that. Some called me showing off, some said I'm too proud with that title. Others even said I spent so much time marketing myself. Blah blah. Ok, ok, I get it.But here is the fact: since I joined Cisco in 2006 I've traveled to many countries to do consulting projects. Below you can see some Cisco customers in Asia, Europe, Middle East and Africa that I worked with in the past. And most of the time my role in the project is to lead the design work: to capture customer requirements and provide technical solution to address them. In many projects I also lead the implementation and migration. For some projects I'm responsible to lead the whole engagement from project scheduling, managing resources as well as quality assurance for deliverables. So call me anything you want, even Janitor, but it seems like I have some experiences working on design consultancy project, globally.
And actually before I joined Cisco I had already done many design project as well with many customers. I invented my own methodology and workflow for design work. Continue reading
Make sure you patch your holiday gifts
Let me start off with a question, what are the steps involved when it comes to giving someone a gift? Is it as simple as buy, wrap and handover? For the more traditional gifts like perfume this would be the correct answer but if you are giving electronic gifts then you may be leaving out […]
Author information
OpenFlow/SDN Won’t Scale?
I got in a conversation today on Twitter, talking about SDN/SDF (software defined forwarding), which is a new term I totally made up which I use to describe the programmatic and centralized control of forwarding tables on switches and multi-layer switches. The comment was made that OpenFlow in particular won’t scale, which reminded me of an article by Doug Gourlay of Arista talking about scalability issues with OpenFlow.
The argument that Doug Gourlay of Arista had is essentially that OpenFlow can’t keep up with the number of new flows in a network (check out points 2 and 3). In a given data center, there would be tens of thousands (or millions or tens of millions) of individual flows running through a network at any given moment. And by flows, I mean keeping track of stateful TCP connection or UDP pseudo-flows. The connection rate would also be pretty high if you’re talking dozens or hundreds of VMs, all taking in new connections.
My answer is that yeah, if you’re going to try to put the state of every TCP connection and UDP flow into the network operating system and into the forwarding tables of the devices, that’s Continue reading
Video Series Examines SDN: The Good, the Bad, & the Ugly
Leading industry analyst and Packet Design CTO discuss all facets of SDN in short video casts
What’s the reality on the ground with software defined networking (SDN)? Are humans in the network becoming obsolete? What network management best practices can we bring to the automation realm? Packet Design has released a wide-ranging conversation on these topics and more between Jim Frey, vice president of research for analyst firm Enterprise Management Associates, and Cengiz Alaettinoglu, CTO of Packet Design. Titled “SDN: The Good, the Bad & the Ugly,” the series consists of seven short videocasts where both experts provide an overview of SDN, related technologies, standards initiatives, and management considerations.
SDN Video Series Segments:
-
Defining SDN: What is it exactly and how does it differ from “software derived networking” and “network function virtualization?”
-
SDN Standards Bodies & Consortia: Who is actively working on SDN and which segment is lagging?
-
What’s Working and What’s Not: What are the risks with SDN? Is Google’s success with their custom-built SDN a model for the industry?
-
The Need for a Network Access Broker (NAB): How do we determine if an application deployed via SDN will not adversely impact other applications?
-
Use Cases for the Network Access Broker: Continue reading
Switching to Linux for… Switches?
Like many folks out there, I’m following the rise of “whitebox switching”, and am interested to see if (and where) it takes off. There’s many players out there who are trying to pitch disassociating the software from the hardware, and quite a few hardware manufacturers that are offering various hardware platforms on which to run […]
Author information
The post Switching to Linux for… Switches? appeared first on Packet Pushers Podcast and was written by Will Dennis.
Podcast Planning – Got A Great Network Down Story?
Greg and I want to record a “Nightmare Before Christmas” podcast, where folks come on and tell us their most grisly, horrifying network down story. The idea is a relaxed show chatting around the holiday fire, telling war stories, and being glad it’s all over now. So…got a good story? Want to come on a […]
Author information
The post Podcast Planning – Got A Great Network Down Story? appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Show 172 – Palo Alto Networks Next-Generation Security In The Data Center – Sponsored
It’s an exciting time to be a networking geek, with the introduction of new technologies like network virtualization and established vendors like Cisco jumping into the SDN market. But, what about network security? What happens when you move from traditional data center architectures to virtualization, cloud and SDN environments? Palo Alto Networks builds a next-generation […]
Author information
The post Show 172 – Palo Alto Networks Next-Generation Security In The Data Center – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.
F5 drops LAB VE price to $95
During a recent F5 purchase I wanted to get some more F5 lab virtual edition appliances. At my company we have had two and it has been invaluable for testing new configs and training junior engineers in a safe environment that could be trashed and restored at will. At the time we ordered the lab […]
Author information
The post F5 drops LAB VE price to $95 appeared first on Packet Pushers Podcast and was written by Eric Flores.
Default CoS Value in Netapp Cluster Mode
I was troubleshooting an MTU related issue for NFS connectivity in a Flexpod (Cisco UCS, Cisco Nexus, and Netapp storage with VMware vSphere, running the Nexus 1000v). Regular-sized frames were making it through, but not jumbo frames. I ensured the endpoints were set up correctly, then moved inwards….in my experience, the problem is usually there. The original design basically included the use of CoS tag 2 for all NFS traffic, so that it could be honored throughout the network, and given jumbo frames treatment.Default CoS Value in Netapp Cluster Mode
I was troubleshooting an MTU related issue for NFS connectivity in a Flexpod (Cisco UCS, Cisco Nexus, and Netapp storage with VMware vSphere, running the Nexus 1000v). Regular-sized frames were making it through, but not jumbo frames. I ensured the endpoints were set up correctly, then moved inwards….in my experience, the problem is usually there. The original design basically included the use of CoS tag 2 for all NFS traffic, so that it could be honored throughout the network, and given jumbo frames treatment.Superman, Immortal, Janitor
"What's the difference between Solutions Architect and Technical Leader?"Someone asked me that question last week. We all know the answer: none. It's just a damn title. Title doesn't matter. It never does. Batman once said: it's not who you are underneath, it's what you do that defines you.
In my current organization, that focuses on consulting services, there is a distinction between Solutions Architect and Technical Leader role in career path for technical person. (Himawan, but you said there is no such thing as career path? Well, let's save the debate for some other time).
As seen in below figure, Network Consulting Engineers (NCE) make progress from level I to level IV, and this is the point where he/she can make decision: either to stick as NCE then becomes Technical Leader someday, or to move to become Solutions Architect. He/she can actually move to any other position across the organization like pre-sales consultant or project manager or business development manager or even accountant! But let's keep the discussion between the path of Technical Leader and Solutions Architect.
So what's the difference between the two then?
Both must have excellent soft skills: communicate effectively, above average presentation skills, team Continue reading
MITM and Routing Security
If the motivation behind the effort behind securing BGP was to allow any BGP speaker to distinguish between routing updates that contained “genuine” routing information and routing updates that contained contrived or false information, then these two reports point out that we’ve fallen short of that target. What’s gone wrong? Why are certain forms of routing Man-In-The-Middle attacks all but undetectable for the RPKI-enabled BGPSEC framework?The Impact of Software Defined X on a Networking organization
Introduction We’re in one of the most exciting times in data networking. While I’m sure we’re all sick of vendors co-opting technologies in their infancy, there is a lot of good work going on to change the fundamentals of moving data (I shudder to call this a paradigm shift; I’ll save that term for life […]
Author information
On Link in IPv6
As an avid reader of RFCs and RFC drafts, I’m always running across little bits of knowledge I either already knew and forgot (I forget a lot of things), or things I didn’t know and wouldn’t have expected. RFC5942, published way back in 2010 (a long time in network engineering terms), discusses a topic I […]
Author information
How Does QoS Work?
This sponsored blog post was written by Clark Zoeller, CCIE #13760, Sales Engineer with ActionPacked Networks. Quality of Service (QoS) is a suite of technologies used to manage bandwidth usage as data crosses computer networks. Its most common use is for protection of real-time and high priority data applications. QoS technologies, or tools, each have […]
Author information
The post How Does QoS Work? appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.
Configuring SNMPv3 On NX-OS
We’re currently trying to allow a client to perform an operation using SNMP set commands on a Cisco NX-OS switch (namely a 5548).
It’s possible using SNMPv2c and community strings, but this does not generate a log message, making it completely unaccountable. SNMPv3 seems to have the answer. According to the documentation, it provides:
- Integrity
- Encryption
- Authentication
I’ve tested using a set operation to change a MIB using the following command:
snmpset -v 3 -u test -l authpriv -a MD5 -A Testpass01 -x DES -X Testpass01 hostname system.sysLocation.0 s TESTLOCATION
Which works fine.
However, the problem arises when trying to back off the authentication of the SNMP operation to TACACS/RADIUS. My interpretation of the documentation suggests this is possible. My Cisco SE has not denied it either. However, I reckon some changes need to be made to the authentication server. According to what I’ve read:
You can use the VSA cisco-av-pair on AAA servers to specify user role mapping for the Nexus 5000 Series switch using this format:
shell:roles="roleA roleB ..."
If you do not specify the role option in the cisco-av-pair attribute, the default user role is network-operator.
You can also specify your SNMPv3 authentication and privacy Continue reading