Stateful Switchover (SSO) 101
Stateful Switchover (SSO) is another seemingly awesome technology that can help you implement high availability when facing a broken non-redundant network design. Here’s how it’s supposed to work:
- A network device runs two copies of the control plane (primary and backup);
- Primary control plane continuously synchronizes its state with the backup control plane;
- When the primary control plane crashes, the backup control plane already has all the required state and is ready to take over in moments.
Delighted? You might be disappointed once you start digging into the details.
Stateful Switchover (SSO) 101
Stateful Switchover (SSO) is another seemingly awesome technology that can help you implement high availability when facing a broken non-redundant network design. Here’s how it’s supposed to work:
- A network device runs two copies of the control plane (primary and backup);
- Primary control plane continuously synchronizes its state with the backup control plane;
- When the primary control plane crashes, the backup control plane already has all the required state and is ready to take over in moments.
Delighted? You might be disappointed once you start digging into the details.
Lucky Webapp Add Select2 dropdowns
In this post I will cover the process of adding searchable dropdown boxes to your Lucky webapp with the Select2 Javascript library and styling them with Bootstrap 5. Software The following software versions were used in this post. Lucky - 0.28.0 Select2 - 4.1.0-rc.0 Bootstrap -...continue reading
Network Break 350: Intel Pledges Billions For European Chip Factories; Facebook Reveals New Data Center Design
This week's Network Break podcast wonders what Intel wants in return for a multi-year, multi-billion pledge to build European chip factories, marvels at Facebook's newly revealed data center designs, analyzes Comcast's Masergy acquisition, and more.
The post Network Break 350: Intel Pledges Billions For European Chip Factories; Facebook Reveals New Data Center Design appeared first on Packet Pushers.
Network Break 350: Intel Pledges Billions For European Chip Factories; Facebook Reveals New Data Center Design
This week's Network Break podcast wonders what Intel wants in return for a multi-year, multi-billion pledge to build European chip factories, marvels at Facebook's newly revealed data center designs, analyzes Comcast's Masergy acquisition, and more.11 Tips on Gaining Experience in Network Design
For people that want to pursue a career in network design, it can be tough getting the experience needed for such a role. How do you get design experience if your current role does not involve design? There are still many things you can do and I will give you tips on gaining that experience.
Network fundamentals – I always bring this up because it’s easy to overlook the need for network fundamentals. Being an Architect you still need to have technical chops and hopefully some operational experience as well. How can you design for something you are not familiar with? You can’t! You need to know OSPF, ISIS, BGP, etc. to understand when you should use each protocol. Spend a lot of time building these fundamentals before you move into design. How do you do that? Ivan Pepelnjak has training in this area. There is also the Computer Networking Problems and Solutions book by Russ White and Ethan Banks.
Books – There are several excellent books on network design. Some of them are geared towards network design certifications but they are great reads even if you are not pursuing any certification. One of my favourite books is The Art Continue reading
Configuring NSX-T Firewall with a CI/CD Pipeline
Initial implementation of Noël Boulene’s automated provisioning of NSX-T distributed firewall rules changed NSX-T firewall configuration based on Terraform configuration files. To make the deployment fully automated he went a step further and added a full-blown CI/CD pipeline using GitHub Actions and Terraform Cloud.
Not everyone is as lucky as Noël – developers in his organization already use GitHub and Terraform Cloud, making his choices totally frictionless.
Configuring NSX-T Firewall with a CI/CD Pipeline
Initial implementation of Noël Boulene’s automated provisioning of NSX-T distributed firewall rules changed NSX-T firewall configuration based on Terraform configuration files. To make the deployment fully automated he went a step further and added a full-blown CI/CD pipeline using GitHub Actions and Terraform Cloud.
Not everyone is as lucky as Noël – developers in his organization already use GitHub and Terraform Cloud, making his choices totally frictionless.
TLS with a side of DANE
These are some notes I took from the DNS OARC meeting held in September 2021. This was a short virtual meeting, but for those of us missing a fix of heavy-duty DNS, it was very welcome in any case!Multi-Cloud as the New Hybrid
Companies with their primary infrastructure in the cloud should consider a multi-cloud DR solution in case their provider suffers a disruption.Short feedback on Cisco pyATS and Genie Parser
Cisco pyATS is a framework for network automation and testing. It includes, among other things, an open-source multi-vendor set of parsers and models, Genie Parser. It features 2700 parsers for various commands over many network OS. On the paper, this seems a great tool!
>>> from genie.conf.base import Device >>> device = Device("router", os="iosxr") >>> # Hack to parse outputs without connecting to a device >>> device.custom.setdefault("abstraction", {})["order"] = ["os", "platform"] >>> cmd = "show route ipv4 unicast" >>> output = """ ... Tue Oct 29 21:29:10.924 UTC ... ... O 10.13.110.0/24 [110/2] via 10.12.110.1, 5d23h, GigabitEthernet0/0/0/0.110 ... """ >>> device.parse(cmd, output=output) {'vrf': {'default': {'address_family': {'ipv4': {'routes': {'10.13.110.0/24': {'route': '10.13.110.0/24', 'active': True, 'route_preference': 110, 'metric': 2, 'source_protocol': 'ospf', 'source_protocol_codes': 'O', 'next_hop': {'next_hop_list': {1: {'index': 1, 'next_hop': '10.12.110.1', 'outgoing_interface': 'GigabitEthernet0/0/0/0.110', 'updated': '5d23h'}}}}}}}}}}
First deception: pyATS is closed-source with some exceptions. This
is quite annoying if you run into some issues outside Genie Parser.
For example, although pyATS is using the ssh command, Continue reading
Welcome to Speed Week and a Waitless Internet
No one likes to wait. Internet impatience is something we all suffer from.
Waiting for an app to update to show when your lunch is arriving; a website that loads slowly on your phone; a movie that hasn’t started to play… yet.
But building a waitless Internet is hard. And that’s where Cloudflare comes in. We’ve built the global network for Internet applications, be they websites, IoT devices or mobile apps. And we’ve optimized it to cut the wait.
If you believe ISP advertising then you’d think that bandwidth (100Mbps! 1Gbps! 2Gbps!) is the be all and end all of Internet speed. That’s a small component of what it takes to deliver the always on, instant experience we want and need.
The reality is you need three things: ample bandwidth, to have content and applications close to the end user, and to make the software as fast as possible. Simple really. Except not, because all three things require a lot of work at different layers.
In this blog post I’ll look at the factors that go into building our fast global network: bandwidth, latency, reliability, caching, cryptography, DNS, preloading, cold starts, and more; and how Cloudflare zeroes in on Continue reading
Worth Reading: Ops Questions in Software Engineering Interviews
Charity Majors published another must-read article: why every software engineering interview should include ops questions. Just a quick teaser:
The only way to unwind this is to reset expectations, and make it clear that:
- You are still responsible for your code after it’s been deployed to production, and
- Operational excellence is everyone’s job.
Adhering to these simple principles would remove an enormous amount of complexity from typical enterprise IT infrastructure… but I’m afraid it’s not going to happen anytime soon.
Worth Reading: Ops Questions in Software Engineering Interviews
Charity Majors published another must-read article: why every software engineering interview should include ops questions. Just a quick teaser:
The only way to unwind this is to reset expectations, and make it clear that:
- You are still responsible for your code after it’s been deployed to production, and
- Operational excellence is everyone’s job.
Adhering to these simple principles would remove an enormous amount of complexity from typical enterprise IT infrastructure… but I’m afraid it’s not going to happen anytime soon.