Archive

Category Archives for "Networking"

Leading cross-functional teams: foot-in-the-door theory

When I was at Juniper, my job was basically to sell internally those ideas that were deemed so controversial or hotly contested that no one could get them through the corporate machinery. This put me in a position that I was almost always leading cross-functional teams whose members did not directly report to me. I […]

Author information

The post Leading cross-functional teams: foot-in-the-door theory appeared first on Packet Pushers Podcast and was written by Michael Bushong.

To Kill a VTP

The Devil! Yes, VTP is not the Devil itself, but it very well could be. I understand the “protect it” or make sure you know what you’re doing arguments. Those are all fine and dandy, and the fact...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Ubuntu OVF images for download

Lately I’m playing a lot with virtualization features and for this I needed a rapid way to deploy from scratch new instances. First I had the virtual machines converted to templates, but then I had to rebuild from zero the entire ESXi environment and those images were gone. I realized then it was more easier […]

Plexxi DSE: An Informal Analogy

Sitting in the NFD6 demo with Plexxi and got a great overview of the DSE product they’ve been working on. This service allows them to dynamically build network configurations based on external services like Openstack, puppet, etc. The example that Derick provided was the fact that an access list - instead of referring to a source IP address, or destination port, etc. - we can now refer to a puppet request, for instance.

Plexxi DSE: An Informal Analogy

Sitting in the NFD6 demo with Plexxi and got a great overview of the DSE product they’ve been working on. This service allows them to dynamically build network configurations based on external services like Openstack, puppet, etc. The example that Derick provided was the fact that an access list - instead of referring to a source IP address, or destination port, etc. - we can now refer to a puppet request, for instance.

Five selfish reasons to interview candidates

Lets be honest. It is hard to justify the time needed to interview people. It can be really hard to motivate yourself to interview potential new hires when project deadlines are looming. It is perfectly fair to ask yourself, “what’s in it for me?” I think there is a payoff for time spent on hiring. […]

Author information

John Harrington

John is an experienced data center engineer with a background in mobile telecoms. He works as a network test engineer for a large cloud service provider, and is gradually accepting that he's a nerd. He blogs about network technology and careers at theNetworkSherpa.com. You can reach him on twitter at: @networksherpa

The post Five selfish reasons to interview candidates appeared first on Packet Pushers Podcast and was written by John Harrington.

NFD6 Preview: Solarwinds

You can’t really be in the networking industry without hearing about Solarwinds. Their IT management and monitoring products are very widely used. Nearly every customer I’ve worked with is using Solarwinds’ tools to some extent, whether it’s the ever-popular Orion NCM for network management and monitoring, or the slew of free tools that Solarwinds makes available for little troubleshooting or configuration tasks. Solarwinds has supported NFD for quite some time. At NFD5, they presented on quite a few things.

NFD6 Preview: Solarwinds

You can’t really be in the networking industry without hearing about Solarwinds. Their IT management and monitoring products are very widely used. Nearly every customer I’ve worked with is using Solarwinds’ tools to some extent, whether it’s the ever-popular Orion NCM for network management and monitoring, or the slew of free tools that Solarwinds makes available for little troubleshooting or configuration tasks. Solarwinds has supported NFD for quite some time. At NFD5, they presented on quite a few things.

Finding a New Path (Part 1)

In my last installment on the topic of fast convergence, I said I’d be discussing the calculation stage of fast convergence next. Orhan tried to scoop me in the comments, but that’s okay –I’m working at this through the process switched path, rather than interrupt context. In parallel with flooding information about the topology change […]

Author information

Russ White

Russ White
Principle Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, is currently working on a new book in the area Continue reading

Show 161 – VMware NSX – Real World SDN – Sponsored

Deep diving on VMware NSX ? You bet. Download the PDF file and read along with us as we unpack how VMware NSX works with Brad Hedlund and Scott Lowe. Network Virtualization is the certainly the biggest architecture shift in our careers and probably yours.  And make no mistake, this is about networking.  Greg Ferro often says that […]

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

The post Show 161 – VMware NSX – Real World SDN – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Need more capacity: MPC4e cards are there!

Recently, we received in LAB 2 new MPC cards: - The MPC4e Combo card: 2x100GE + 8x10GE ports (MPC4E 3D 2CGE+8XGE) - The MPC4e 32x10GE ports (MPC4E 3D 32XGE) These 2 new cards need at least the Junos 12.3 and can be used on both dense chassis: MX960 and...

Need more capacity: MPC4e cards are there!

Recently, we received in LAB 2 new MPC cards: - The MPC4e Combo card: 2x100GE + 8x10GE ports (MPC4E 3D 2CGE+8XGE) - The MPC4e 32x10GE ports (MPC4E 3D 32XGE) These 2 new cards need at least the Junos 12.3 and can be used on both dense chassis: MX960 and...

Need more capacity: MPC4e cards are there!

Recently, we received in LAB 2 new MPC cards: - The MPC4e Combo card: 2x100GE + 8x10GE ports (MPC4E 3D 2CGE+8XGE) - The MPC4e 32x10GE ports (MPC4E 3D 32XGE) These 2 new cards need at least the Junos 12.3 and can be used on both dense chassis: MX960 and...

How bad is the OSPF vulnerability exposed by Black Hat?

ddos-attack

I was asked a few weeks ago by our field engineers to provide a fix for the OSPF vulnerability exposed by Black Hat last month. Prima facie there appeared nothing new in this attack as everyone knows that OSPF (or ISIS) networks can be brought down by insider attacks. This isnt the first time that OSPF vulnerability has been announced at Black Hat. Way back in 2011 Gabi  Nakibly, the researcher at Israel’s Electronic Warfare Research and Simulation Center, had demonstrated how OSPF could be brought down using insider attacks.  Folks were not impressed, as anybody who had access to one of the routers could launch attacks on the routing infrastructure. So it was with certain skepticism that i started looking at yet another OSPF vulnerability exposed by Gabi, again at Black Hat. Its only when i started delving deep into the attack vector that the real scale of the attack dawned on me. This attack evades OSPF’s natural fight back mechanism against malacious LSAs which makes it a bit more insidious than the other attacks reported so far.

I exchanged a few emails with Gabi when i heard about his latest exposé. I wanted to understand how this attack Continue reading

Plumbing OpenBSD Software with gdb(1)

This post is about finding and fixing a memory leak I discovered in the SNMP daemon, snmpd(8), in OpenBSD. This sort of analysis is foreign territory for me; I’m not a software hacker by day. However, using instructions written by Otto Moerbeek as my Rosetta stone and Google to fill in the blanks when it came to usage of the GNU debugger, gdb(1), I was able to find and fix the memory leak.

I’m documenting the steps I used for my future self and for others.

The Problem

When walking the pfTblAddrTable in the OPENBSD-PF-MIB, the unprivileged snmpd process would grow in terms of SIZE and RES. Querying other parts of PF-MIB or other MIBS altogether resulted in no memory usage increase.Memory Leak

Since I knew roughly which code path must have the leak, I first examined it manually. I could not see where memory wasn’t being given back. I needed to instrument the process as it was running in order to find the leak.

Before Starting

This set of instructions from Otto Moerbeek was my guide. As per his guide, you have to rebuild libc with MALLOC_STATS enabled. This enables statistics collection that is used later on.

Edit /usr/src/lib/libc/stdlib/malloc. Continue reading

Plumbing OpenBSD Software with gdb(1)

This post is about finding and fixing a memory leak I discovered in the SNMP daemon, snmpd(8), in OpenBSD. This sort of analysis is foreign territory for me; I'm not a software hacker by day. However, using instructions written by Otto Moerbeek as my Rosetta stone and Google to fill in the blanks when it came to usage of the GNU debugger, gdb(1), I was able to find and fix the memory leak.

I'm documenting the steps I used for my future self and for others.

NFD6 Vendor Preview: Nuage Networks

Nuage Networks is making an appearance at both Network Field Day 6 and the Software-Defined Datacenter Symposium the day before. Nuage is new to me, but after perusing some of their literature, I was very comfortable with some of the concepts. First, you’ll recognize the three-tier architecture that’s being used in most SDN discussions in most of their visuals (data plane / controller / NB API) Nuage uses an product called the VSD (Virtual Services Directory) to define network policies and business logic integration.

NFD6 Vendor Preview: Nuage Networks

Nuage Networks is making an appearance at both Network Field Day 6 and the Software-Defined Datacenter Symposium the day before. Nuage is new to me, but after perusing some of their literature, I was very comfortable with some of the concepts. First, you’ll recognize the three-tier architecture that’s being used in most SDN discussions in most of their visuals (data plane / controller / NB API) Nuage uses an product called the VSD (Virtual Services Directory) to define network policies and business logic integration.

Professional Loneliness

Lately I’ve been bouncing some generic DMVPN questions off the twittersphere.  I’ve used DMVPN sporadically in tiny single-use cases before, but now I am planning to roll out a somewhat larger implementation with a dual cloud and dual hub, complicated by the fact that I don’t control the perimeter router at our DC and I […]

Author information

Matthew Mengel

Matthew was a Senior Network Engineer for a regional educational institution in Australia for over 15 years, working with Cisco equipment across many different product areas. However, in April 2011 he resigned, took seven months of long service leave to de-stress and re-boot before becoming a network engineer for a medium sized non-profit organisation. At the end of 2013, he left full-time networking behind after winning a scholarship to study for a PhD in astrophysics. He is on twitter infrequently as @mengelm.

The post Professional Loneliness appeared first on Packet Pushers Podcast and was written by Matthew Mengel.

Don’t Need No Stinking Underlays

Why’s everyone complaining about overlays; it’s the underlays that are the problem. I’ve been in this awful game for years, I’m tellin ya, me and the dinosaurs were buddies back in the medieval donkey days – so listen up losers, I’m diatribin from experience. That Greg Ferrous, he’s a wise fella; almost like a father to me […]

Author information

Steven Iveson

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 15 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books and is a regular contributor at DevCentral.

The post Don’t Need No Stinking Underlays appeared first on Packet Pushers Podcast and was written by Steven Iveson.