Archive

Category Archives for "Networking"

A review of the recent Coursera SDN MOOC

Back in the springtime of this year, I saw that Coursera was going to be offering a free six-week SDN MOOC taught by Dr. Nick Feamster, an Associate Professor at Georgia Tech’s School of Computer Science. As I had already been learning about and investigating this new SDN world in my free time, I thought […]

Author information

Will Dennis

Will Dennis

Will Dennis has been a systems and network administrator since 1989, and is currently the Network Administrator for NEC Laboratories America, located in Princeton NJ. He enjoys the constant learning it takes to keep up with the field of network and systems administration, and is currently pursuing the Cisco CCNP-R/S certification. He can be found on the Twitters as @willarddennis, and on Google Plus.

The post A review of the recent Coursera SDN MOOC appeared first on Packet Pushers Podcast and was written by Will Dennis.

NetworkFaculty.com: Bite-sized IT Training Videos On Demand

These days, access to the web means that users are simply a click away from discovering anything – from how to expertly mollycoddle their Macs to the secret to a perfect cup of tea. But, as we all know, not everything is perfect. Many e-learning services do not have the luxuries of the time and […]

Author information

Sponsored Blog Posts

The Packet Pushers work with our vendors to present a limited number of sponsored blog posts to our community. This is one. If you're a vendor and think you have some blog content you'd like to sponsor, contact us via [email protected].

The post NetworkFaculty.com: Bite-sized IT Training Videos On Demand appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.

Negotiating your salary

There is probably no more stressful stage in the interview process than negotiating your salary. You usually don’t know entirely what to ask for. You have a feel for what you would like, but most of us have a healthy fear of leaving money on the table. We are less worried about asking for too […]

Author information

Michael Bushong

The post Negotiating your salary appeared first on Packet Pushers Podcast and was written by Michael Bushong.

Show 156 – Tail-f Network Control System – Sponsored

This episode (re-)introduces Carl Moberg and dives into Tail-f’s Network Control System (NCS). We talk through the moving parts of Network Control System at a technical level and discuss why you should care about this product. If you have been interested in tools that do multivendor automation of the network then you will be interested in this discussion.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+

The post Show 156 – Tail-f Network Control System – Sponsored appeared first on Packet Pushers Podcast and was written by Greg Ferro.

Using Wireshark to Decode SSL/TLS Packets

I mentioned in my Tcpdump Masterclass that Wireshark is capable of decrypting SSL/TLS encrypted data in packets captured in any supported format and that if anyone wanted to know how for them to ask. Someone did, so here it is. This is an extremely useful Wireshark feature, particularly when troubleshooting within highly secure network architectures. […]

Author information

Steven Iveson

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 15 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books and is a regular contributor at DevCentral.

TwitterLinkedIn

The post Using Wireshark to Decode SSL/TLS Packets appeared first on Packet Pushers Podcast and was written by Steven Iveson.

Quality of Service (QoS) – Policing and Shaping Notes

Policers and shapers identify traffic violations in an identical manner, but treat them differently.  Policers perform instantaneous checks and immediately take action when a violation occurs.  Actions can include marking, dropping, and even just transmitting the packet.  Shapers on the other hand are traffic-smoothing tools.  Its objective is to send all traffic out a given interface, but to smooth it out so that it never exceeds a given rate – usually in order to meet SLAs.  Excess traffic is buffered and delayed until the traffic once again dips below the defined maximum rate.

Policer Shaper

Causes TCP resends as traffic is dropped

Delays traffic; involves less TCP resends

Inflexible; makes instant drop decisions

Adapts to network congestion by queuing excess traffic

Ingress or egress interface tool

Typically egress only

Rate limiting – no buffering

Rate limiting with buffering

While policing and shaping tools are not employed to directly provide QoS for real-time traffic, they do regulate/stabilize traffic flows so that unexpected bursts in data traffic do not induce jitter and latency that adversely affects real-time traffic.

Policers determine whether each packet conforms, exceeds, or violates the policies configured for traffic, and takes the prescribed action Continue reading

Operation (Unicorn?) Mincemeat, Counter Security, and a book about JWAS

In 1943, Spanish officials recovered the body of a spy from the Atlantic coast of Huelva.  The suitcase still attached to his arm contained Allied war plans, identifying Greece and Sardinia as the beachhead for the forthcoming assault on Italy.  Amazed by their luck, Axis forces redeployed divisions from Sicily, Northern France, and the Eastern […]

Author information

Glen Kemp

Enterprise Security Architect. Designing & deploying “keep the bad guys out” technologies. Delivering elephants and not hunting unicorns.

Please free to add me on , follow me on Twitter or check out my other blogs on Juniper J-Net, sslboy.net and SearchNetworking.

The post Operation (Unicorn?) Mincemeat, Counter Security, and a book about JWAS appeared first on Packet Pushers Podcast and was written by Glen Kemp.

Second CCIE, or CCDE?

“Should I get a second CCIE, or a CCDE?” A number of people have asked me this recently; in the process of answering those questions, I’ve developed a couple of lines of reasoning that I thought worth sharing here. No, I’ve not been posting much recently — I’m wrapped up in a bunch of different […]

Author information

Russ White

Russ White
Principle Engineer at Ericsson

Russ White is a Network Architect who's scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, and done a lot of other stuff you either already know about, or don't really care about. You want numbers and letters? Okay: CCIE 2635, CCDE 2007:001, CCAr, BSIT, MSIT (Network Design & Architecture, Capella University), MACM (Biblical Literature, Shepherds Theological Seminary). Russ is a Principal Engineer in the IPOS Team at Ericsson, where he works on lots of different stuff, serves on the Routing Area Directorate at the IETF, and is a cochair of the Internet Society Advisory Council. Russ will be speaking in November at the Ericsson Technology Day. he recently published The Art of Network Architecture, is currently working on a new book in the Continue reading

7 Tips For Improving Your Communications Skills at Work

In my last article, I identified the importance of effective communication in the workplace. Today’s article is a follow-up that offers several suggestions meant to help individuals improve these skills. Some tips may be more or less relevant to the situations that are specific to an individual’s role. As I mentioned in my previous article,l […]

Author information

Paul Stewart

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With nearly 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems. Paul also writes technical content at PacketU.

The post 7 Tips For Improving Your Communications Skills at Work appeared first on Packet Pushers Podcast and was written by Paul Stewart.

London Seminar – Multicast & Product Updates

Date: September 17th, 2013
Time: 8:30am
Venue: The Four Seasons London at Canary Wharf

Please join us for an informal breakfast seminar to discuss the IP routing management needs of organizations in the financial services, broadcast video, and other industries. Attendees will also receive a Packet Design product update from Matt Sherrod, Vice President of Products, and see a demonstration of the newly-released Multicast Explorer which offers unprecedented real-time and historical visibility into multicast routing operations as well as powerful modeling capabilities. In addition to breakfast, attendees will have a chance to win a Beats by Dre™ Bluetooth Speaker

Who should attend: Network routing engineers, network architects, planners and administrators; network operations engineers and managers, directors and vice presidents of network infrastructure and IP communications.

Seminar Registration - London 2013

New York Seminar – Multicast & Product Updates

Date: September 12th, 2013
Time: 8:30am
Venue: The Westin at Times Square

Please join us for an informal breakfast seminar to discuss the IP routing management needs of organizations in the financial services, broadcast video, and other industries. Attendees will also receive a Packet Design product update from Matt Sherrod, Vice President of Products, and see a demonstration of the newly-released Multicast Explorer which offers unprecedented real-time and historical visibility into multicast routing operations as well as powerful modeling capabilities. In addition to breakfast, attendees will have a chance to win a Beats by Dre™ Bluetooth Speaker

Who should attend: Network routing engineers, network architects, planners and administrators; network operations engineers and managers, directors and vice presidents of network infrastructure and IP communications.

Seminar Registration - New York 2013

Cisco Nexus vPC Config-Sync


In my previous blogs NX-OS vPC FEX config example and Configuring VSS Cisco 6500 and vPC, I've covered virtual Port-Channels in detail. For those new to this terminology, virtual port-channel or vPC makes a pair of Cisco Nexus 5K/7K switches (vPC peers) appear as a single logical switch to a downstream device. Arp tables, mac address tables and route tables can be synchronized across the vPC Peer-Link (link connecting the two peer switches). This provides great redundancy in typical Data Center networks. 

Every time I configure a Nexus environment at a Data Center, or a campus core, I have to explain to the end user that the configurations on the vPC peers are not synchronized. Say for example you configure Eth1/30 on Nexus-1, and forget to configure Eth1/30 on Nexus-2, and a device is dual homed to Eth1/30 on both Nexus switches, then when vPC failover occurs and vPC Primary/Secondary roles are switched over, the new primary switch will not have any configuration in store for Eth1/30, and this will cause a service disruption.

To avoid this, you have to be very meticulous and have matching configurations across both vPC peers. Or, you can use configuration synchronization available Continue reading

Understanding Flow Export Terminology

The variety of terms used to describe network flow export technologies and components can be pretty confusing. Just last year I wrote a post on web usage tracking and NetFlow that is already a bit obsolete, so here's an attempt to explain some of the newer terms and capabilities in use today.

NetFlow Version 5
NetFlow v5 is sort of the least common denominator in flow technologies. Almost all vendors and devices that support a flow export technology will do NetFlow v5. Because it's only capable of exporting information about packet fields up to layer 4, however, it's not flexible enough to use for analytics that require information about the application layer. NetFlow v5 tracks only the following data:
  • Source interface
  • Source and destination IP address
  • Layer 4 protocol
  • TCP flags
  • Type of Service
  • Egress interface
  • Packet count
  • Byte count
  • BGP origin AS
  • BGP peer AS
  • IP next hop
  • Source netmask
  • Destination netmask
Netflow Version 9
Netflow v9 was Cisco's first attempt at defining an extensible flow export format, defined in RFC 3954 back in 2004. It provides a flexible format for building customizable flow export records that contain a wide variety of information types. Many of the goals for Continue reading

EtherChannel – Quick and Dirty

EtherChannel allows you to aggregate several switch links into a single, fast, fault-tolerant, logical interface. 16 links can be defined for an EtherChannel, however, a maximum of 8 will be active at any one time.  The other links are placed on standby.

While having multiple links between two switches can possibly create bridging loops, EtherChannel avoids this by bundling the links into a single logical interface.  This logical interface can be configured as an access or trunk interface.

For ports to be members of the same EtherChannel, there are some restrictions. Ports must:

  • Belong to the same VLAN
  • Have identical STP settings
  • Have identical speed/duplex settings
  • Note: In addition, if the EtherChannel is to be used as a trunking interface, all ports must be in trunking mode, have the same native VLAN, and pass the same set of VLANs.

The full duplex maximum bandwidth for 8 links is as follows:

  • Fast EtherChannel (FEC): 1600 Mbps
  • Gigabit EtherChannel (GEC): 16Gbps
  • 10-Gigabit EtherChannel (10GEC): 160Gbps
  • Note:  This is theoretical; maximum bandwidth is not likely to be achieved due to unequal load balancing, and other factors.

Load Balancing

 

EtherChannel load balancing across the links can occur in a number Continue reading

Brocade Auth-Change-Wait-Time

 

The other day I was at work doing an interoperability test with Cisco and Brocade multilayer switches, and we ran into a strange issue that really highlighted my “tunnel view” to the Cisco world.

We were setting up basic OSPF stuff using md5 authentication and we couldn’t get the Cisco and Brocade to form an adjacency.  A debug ip ospf adjacency command on the Cisco switch revealed that the Cisco was using “type 2” authentication, and the Brocade was using “type 0”. 

Here’s a quick breakdown of the authentication types:

Type 0 No authentication
Type 1 Clear text authentication
Type 2 md5 authentication

I set up a SPAN on the Cisco switch and sure enough, we were getting the OSPF Hello packets from the Brocade with no authentication.

After some digging, it turns out the Brocade has an Auth-Change-Wait-Time command in interface configuration mode.  This is set to 300 seconds (5 minutes) by default.  While I don’t quite understand it, the description states it allows for graceful authentication implementation.  So after you enable md5 on the interface, it waits 300 seconds before actually sending OSPF Hellos with authentication.  We toyed around with it Continue reading

1 3,393 3,394 3,395 3,396 3,397 3,451