Archive

Category Archives for "Networking"

How to Turn Your IOS Router Into a Pr0n Server (Pr0n Not Included)

No, really! Did you know that your IOS-based router is capable of acting as a static webserver? Below you will find the steps necessary to turn a GNS/Dynamips box (or any ‘testlab’ machine) into something that can serve basic HTTP/HTTPS content. Due to the security implications of the steps below, it’s not recommended to do […]

Author information

Ken Matlock

Ken Matlock is a networking veteran of 19 years. He has worked in many fields in the networking industry including Service Provider, Retail, and Healthcare. When he's not fixing the problems of the networking world, he can be found studying for his CCIE, spending time with his family, and trying to chase the ever-elusive sleep.

He can be found on Twitter @KenMatlock, email at [email protected], irc.freenode.net #PacketPushers, or the occasional blog or forum post.

The post How to Turn Your IOS Router Into a Pr0n Server (Pr0n Not Included) appeared first on Packet Pushers Podcast and was written by Ken Matlock.

[Virtual Routing] Part 3 – Router Redundancy in VMware vSphere

My post a few weeks ago about the CSR 1000v made a pretty big splash - it’s clear that the industry is giving a lot of attention to IP routing within a virtual environment. No doubt, Vyatta is largely credited for this, as they’ve been pushing this idea for a long time. When Brocade announced that they were acquiring Vyatta, and Cisco announced they were working on a “Cloud Services Router”, this idea became all the more legitimate, and as you can tell from this series, it’s of particular interest to me.

Show 146 – Arista 7500 – One Switch to Rule Them All – Sponsored

Arista is shipping a serious round of upgrades for the 7500 switch chassis. In this sponsored podcast, Doug Gourlay from Arista returns to the Packet Pushers to give an unvarnished view of the new products and why Arista can deliver 100GbE at a new price point while maintaining technical features and capabilities. Show Topics: 1) It’s […]

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, with a wide range of employers, working as a freelance consultant, including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Show 146 – Arista 7500 – One Switch to Rule Them All – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Convert Hex to Decimal in IOS

Lots of IOS commands produce output in hex that I sometimes want to convert to decimal. Common ones for me are stuff like:

show ip cache flow
show ip flow top-talkers

and various debug commands. For example:

Router#sh ip cache flow | i Fa1/0.6
Fa0/1.6  10.5.188.158   Tu101*  10.5.24.15  06 0DA7 6D61  345

I have no idea what the port numbers in columns six and seven are. Fortunately, if the IOS device has the TCL or Bash shells available, we can quickly convert them.

Method 1: Tcl Shell

Most routers have the Tcl shell available:

Router#tclsh
Router(tcl)#puts [expr 0xda7]
3495

Router(tcl)#puts [expr 0x6d61]
28001


You could write a callable Tcl script to make this permanently available from normal EXEC mode too.

Method 2: Bash Shell

The Bash shell came out in one of the early IOS 15.0 versions, so you may or may not have it available. You need to explicitly enable it by entering "shell processing full" in global configuration mode.

Router#sh run | i shell
shell processing full < required to enable Bash in IOS 15+
Router#printf "%d" 0xda7
3495
Router#printf "%d" 0x6d61
28001



Getting the Most Out of SPAN or Mirror Ports

In my previous blog post I looked at the benefits and limitations of SPAN ports. SPAN or mirror ports are a convenient way of getting access to network packets without having to be inline like a firewall. Once you have got your network packet source in place, the next question is, what applications are available […]

Author information

Darragh Delaney

Technical Director at NetFort

Darragh Delaney is head of technical services at NetFort. As Director of Technical Services and Customer Support, he interacts on a daily basis with NetFort customers and is responsible for the delivery of a high quality technical and customer support service.

Darragh has extensive experience in the IT industry, having previously worked for O2 and Tyco. His User and Network Forensics blog for Computer World focuses on his experiences of network management and IT security in the real world. In his current role Darragh is regularly on site with network administrators and managers, and this blog is a window into the real world of keeping networks running and data assets secure.

He shares network security and management best practices on the NetFort blog. Follow Darragh on Twitter @darraghdelaney and NetFort Technologies @netfort. You can also contact him Continue reading

SDN Use Case: End-to-End QoS

Just a little unicorn-y brainstorming today. This post is in some ways an extension of my earlier post on the importance of QoS in a converged environment like FCoE or VoIP (or both). This will be a good example of a case where SDN very efficiently solves a policy problem that is present in an unfortunately large number of networks today. For many organizations, large or small, the network is approached with a very siloed, “good enough” mentality - meaning that each portion of an organization’s technology implementation is typically allocated to those that have that particular skillset.

Patent filed

Finally, I have finished filing my patent regarding PVTD - The Private VLAN enabler. It is strange how a patent attorney is able to add so many words to a technical document whose content he has a very limited understanding of… Anyway, I am back to authoring labs.

Are You a Fuddy Duddy?

This recent article from IEEE Spectrum discusses our impression that as we age, we lose the ability to learn quickly — fluid intelligence, as it’s called. An accompanying chart shows this in some degree through the skill of chess players across a range of ages. There’s something suspicious about this chart, though, and it’s pairing […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White has scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, nibbled and noodled at a lot of networks, and done a lot of other stuff you either already know about — or don't really care about. You can find Russ at 'net Work, the Internet Protocol Journal, and his author page on Amazon.

The post Are You a Fuddy Duddy? appeared first on Packet Pushers Podcast and was written by Russ White.

What is Jitter in Networking?

Simply put, the difference in packet inter-arrival times at the destination is called jitter. Jitter is a specific issue that normally exists in packet networks, and this phenomenon usually does not cause any communication problems. TCP/IP is responsible for dealing with the impact of jitter on communication. On the other hand, in a VoIP network environment, or better […]

Machine Fragile: More Thoughts

I just ran across a pointer to this research on Bruce Schneier’s blog: Networking system components that are well-behaved in separation may create counter-intuitive emergent system behaviors, which are not well-behaved at all. For example, cooperative behavior might unexpectedly break down as the connectivity of interaction partners grows. “Applying this to the global network of […]

The post Machine Fragile: More Thoughts appeared first on Packet Pushers Podcast and was written by Russ White.

Healthy Paranoia Show 12: The Saga of Terry Childs

Announcing the latest episode of Healthy Paranoia from Mrs. Y featuring the case of Terry Childs, the infamous former Network Administrator arrested for refusing to provide passwords for San Francisco’s FiberWAN system to management. She’s joined by Jeana Pieralde, Chief Security Officer for the City and County of San Francisco, along with two members of the […]

Author information

Mrs. Y

Snarkitecht at Island of Misfit Toys

Mrs. Y is a recovering Unix engineer working in network security. Also the host of Healthy Paranoia and official nerd hunter. She likes long walks in hubsites, traveling to security conferences and spending time in the Bat Cave. Sincerely believes that every problem can be solved with a "for" loop. When not blogging or podcasting, can be found using up her 15 minutes in the Twittersphere or Google+ as @MrsYisWhy.

The post Healthy Paranoia Show 12: The Saga of Terry Childs appeared first on Packet Pushers Podcast and was written by Mrs. Y.

The Technical Mind

I have worked in technology full-time for nearly fifteen years. Prior to this, I built PCs and was somewhat of a technical hobbyist. Occasionally, I am faced with the question, “How does one get into computers?” or “How can I get into computer networking?” There are many paths and correct answers to these questions. The […]

Author information

Paul Stewart

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With nearly 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems. Paul also writes technical content at PacketU.

The post The Technical Mind appeared first on Packet Pushers Podcast and was written by Paul Stewart.

When CDP doesn’t discover

Marko's myths of VLAN 1 post continues to drive a lot of traffic to my response about CDP, tagging and the magic properties of VLAN 1.

Today I was introduced to a related phenomenon that I found interesting.

Backstory
CDP messages sent by switches are always in VLAN 1. If something other than VLAN 1 is the native VLAN on a particular trunk, then the CDP frame will be tagged with "1".

Funny Business
According to the post linked above there are related conditions that break CDP altogether.

The required elements are:
  1. A switch sending tagged CDP frames, either because it's using something other than VLAN 1 as the native VLAN or it's been configured with vlan dot1q tag native
  2. A router-on-a-stick that does NOT have a subinterface configured with encapsulation dot1q 1
Apparently the router, having no subinterface configured to receive frames tagged with "1", will toss incoming CDP frames without bothering to look inside to find the CDP message, killing CDP operation altogether. Bummer. And kind of unexpected.

I haven't tested this behavior, nor do I even have an IOS-XR (where the problem was found) box available. I suspect that IOS and IOS-XE systems might have a similar Continue reading

The Next Generation in Cloud-Scale Networking: The Arista 7500E

Today we are announcing our new 7500E modular switch, the fastest and densest modular switching platform in the industry, enabling cloud networks to scale to over 100,000 servers and millions of virtual machines.

The Arista 7500E is a remarkable 3X better than its predecessor. It offers 3X the number of ports, 3X the fabric bandwidth, 3X the packet buffer, 3X the supervisor performance, and 3X the power-efficiency, without a chassis or power upgrade.

But the real story of the 7500E is that it enables customers to build a universal cloud networking infrastructure for the world's largest data centers that can handle even the most demanding workloads with ease.

Let's take a look inside this remarkable new switch.

3X the Fabric Bandwidth

The 7500E has 3.84 Tbps fabric bandwidth per slot, or 30 Tbps per 8-slot chassis, three times the bandwidth of the first generation 7500.

3X the Port Density

The 7508E supports 1152 10G, 288 40G or 96 100G wire-speed ports in an 11U chassis, the highest port density in the industry and three times the number of ports of the first generation 7500.

3X the Packet Buffer

The 7500E comes with a world-record 144 GByte of packet buffer per 8-slot chassis, Continue reading

VMware VCDX Lab: The Hardware

I have to admit I’m a big VMware fanboy. Wanting to master the art of virtualization, I’ve set out to build out a personal lab. My primary goal is to work my way up to the VCDX certification. The curious thing about building a VMware lab is that all parts need to be on the […]

Author information

Douglas Hanks

Douglas Hanks is a Data Center Architect with Juniper Networks and focuses on solution architecture for service provider and enterprise. He is certified with Juniper Networks as JNCIE-ENT #213 and JNCIE-SP #875. He is the author of the Juniper MX Series by O'Reilly and several Day One books published by Juniper Networks. Douglas is also the co-founder of the Bay Area Juniper Users Group (BAJUG).
-
Email: [email protected]
Twitter: @douglashanksjr
LinkedIn: http://www.linkedin.com/in/dhanks
My words are my own.
-

The post VMware VCDX Lab: The Hardware appeared first on Packet Pushers Podcast and was written by Douglas Hanks.

Show 145 – Talking OpenDaylight and SDN

A community show where we get Brent Salisbury and Ivan Pepelnjak to talk about the events of the last few weeks. In the end, the only thing we seemed to cover was OpenDaylight, ONS and various SDN topics. Open Networking Summit – Brent reports in. Talking SDN and OpenDaylight Ivan asks “will you install open […]

The post Show 145 – Talking OpenDaylight and SDN appeared first on Packet Pushers Podcast and was written by Greg Ferro.

IGP Route Multipathing

In preparation for an upcoming post, I was reminded about a commonly referred to feature in most IGPs - the concept of Equal-Cost Multipath, or simply ECMP. This is the idea that multiple routes with the same cost to a remote network should get placed in the routing table alongside each other and packets should load-balance over them to use the additional available paths. After all, it’s the same cost, so why not?