When Stretching Layer Two, Separate Your Fate
On the Packet Pushers YouTube channel, Jorge asks in response to Using VXLAN To Span One Data Center Across Two Locations…
TL;DR
That video is a couple of years old at this point, and I don’t recall the entire discussion. Here’s my answer at this moment in time. If DCI is required (and I argue that it shouldn’t be in most cases), look at VXLAN/EVPN. EVPN is supported by several vendors. If you are a multi-vendor shop, watch for EVPN inter-vendor compatibility problems. Also look for vendor EVPN guides discussing the use case of data center interconnect (DCI).
Also be aware (and beware) of vendor-proprietary DCI technologies like Cisco’s OTV. I recommend against investing in OTV and similar tech unless you already have hardware that can do it and can turn the feature on for free. Otherwise, my opinion, for what it’s worth, is to stick with an EVPN solution. EVPN is a standard that’s been running in production environments for Continue reading
Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored)
Today's Heavy Networking explores how First Bank uses Aruba’s SD-WAN to advance its cloud migration, support remote workers, and provide secure segmentation for IoT devices. We also discuss the growing trend of SASE and First Bank’s strategy around cloud-delivered security services. Our guests are Marc Ashworth, CISO at First Bank; and Damon Ennis, VP of Engineering at Aruba Networks.
The post Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored) appeared first on Packet Pushers.
Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored)
Today's Heavy Networking explores how First Bank uses Aruba’s SD-WAN to advance its cloud migration, support remote workers, and provide secure segmentation for IoT devices. We also discuss the growing trend of SASE and First Bank’s strategy around cloud-delivered security services. Our guests are Marc Ashworth, CISO at First Bank; and Damon Ennis, VP of Engineering at Aruba Networks.Debunk the Junk- The case for App Acceleration with SD-WAN
In this episode we will discuss the idea of SD-WAN vs. Application Acceleration and WANop. With the proliferation of SD-WAN we’ve heard a lot of people say that SD-WAN gives you the traffic control, but does it negate the need for application acceleration or WAN optimization tools? We attack this common misconception and discuss our stance on the matter in this episode.
Reference Links:
- https://www.riverbed.com/blogs/sd-wan-or-wan-optimization.html
- https://community.riverbed.com
- https://riverbed.com
Phil Gervasi
Host
Brandon Carroll
Host
John Pittle
Guest
The post Debunk the Junk- The case for App Acceleration with SD-WAN appeared first on Network Collective.
Five Disruptive Features of Tomorrow’s 6G Networks
The international 6G standards are still in development. But one thing is clear: 6G will leave its predecessors far behind.Per Origin Host Header Override
Load Balancing as a concept is pretty straightforward. Take an existing infrastructure and route requests to the available origin servers so no single server is overwhelmed. Add in some health monitoring to ensure each server has a heartbeat/pulse so proactive decisions can be made. With two steps, you get more effective utilization of your existing resources… simple enough!
As your application grows, however, load balancing becomes more complicated. An example of this — and the subject of this blog post — is how load balancing interacts with the Host header in an HTTP request.
Host headers and load balancing
Every request to a website contains a unique piece of identifying information called the Host header. The Host header helps route each request to the correct origin server so the end user is sent the information they requested from the start.
For example, say that you enter example.com into my URL bar in my browser. You are sending a request to ‘example.com’ to send you back the homepage located within that application. To make sure you actually get resources from example.com, your browser includes a Host header of example.com. When that request reaches the back-end infrastructure, Continue reading
Cisco SD-WAN – Part III: Overlay Management Protocol
Introduction
This chapter introduces the operation of the Overlay Management Protocol (OMP). It starts by introducing TLOC Routes which are used for establishing tunnels between vEdges. Next, it explains OMP Routes which in turn are used for advertising client VPN-specific networks reachability information. I am also going to show the data plane encapsulation when data is sent between the hosts in site 10 and site 30. The purpose of the data plane section is to show how the label attribute advertised within OMP routing advertisements is used to identify customer VPN. In order to see inside captured packets, I am using GRE tunnels instead of IPSec. Figure 3-1 illustrates the example topology used in this chapter. The customer VPN 10 is used on both sites. Site 10 subnet is 172.16.10.0/24 and site 30 subnet is 172.16.30.0/24. Interface ge0/0 in both vEdges is connected to the Public-Internet, and interface ge0/1 is the connected to MPLS transport network where the customer has its dedicated MPLS VPN.
Figure 3-1: SD-WAN Example Topology.
Bringing New Engineers into Networking on Software Gone Wild
As I started Software Gone Wild podcast in June 2014, I wanted to help networking engineers grow beyond the traditional networking technologies. It’s only fitting to conclude this project almost seven years and 116 episodes later with a similar theme Avi Freedman proposed when we started discussing podcast topics in late 2020: how do we make networking attractive to young engineers.
Elisa Jasinska and Roopa Prabhu joined Avi and me, and we had a lively discussion that I hope you’ll find interesting.
Bringing New Engineers into Networking on Software Gone Wild
As I started Software Gone Wild podcast in June 2014, I wanted to help networking engineers grow beyond the traditional networking technologies. It’s only fitting to conclude this project almost seven years and 116 episodes later with a similar theme Avi Freedman proposed when we started discussing podcast topics in late 2020: how do we make networking attractive to young engineers.
Elisa Jasinska and Roopa Prabhu joined Avi and me, and we had a lively discussion that I hope you’ll find interesting.
New Video Course: How Networks Really Work
Those who follow my work know I’ve been focused on building live webinars for the last year or two, but I am still creating pre-recorded material for Pearson. The latest is built from several live webinars which I no longer give; I’ve updated the material and turned them into a seven-hour course called How Networks Really Work. Although I begin here with the “four things,” the focus is on a problem/solution view of routed control planes. From the description:
There are many elements to a networking system, including hosts, virtual hosts, routers, virtual routers, routing protocols, discovery protocols, etc. Each protocol and device (whether virtual or physical) is generally studied as an individual “thing.” It is not common to consider all these parts as components of a system that works together to carry traffic through a network. To show how all these components work together to form a complete system, this video course presents a series of walk throughs showing the processing involved in various kinds of network events, and how control planes use those events to build the information needed to carry traffic through a network.
IPv6 Buzz 073: Exploring Microsoft’s IPv6 History
This week's IPv6 Buzz episode features Justine Vick, network architect and engineer and Microsoft veteran whose IPv6 work dates back to the earliest inclusion of the protocol in Windows.We talk about why Microsoft supported and deployed IPv6 early, support challenges in-house and externally, how IPv6 affects software development, and more.
The post IPv6 Buzz 073: Exploring Microsoft’s IPv6 History appeared first on Packet Pushers.
IPv6 Buzz 073: Exploring Microsoft’s IPv6 History
This week's IPv6 Buzz episode features Justine Vick, network architect and engineer and Microsoft veteran whose IPv6 work dates back to the earliest inclusion of the protocol in Windows.We talk about why Microsoft supported and deployed IPv6 early, support challenges in-house and externally, how IPv6 affects software development, and more.Creative Virtual Team Building Ideas
Handling a remote team is not the easiest task. They have fewer opportunities to socialize and they don’t have a way to get to know new members. Such remoteness in work can lead to feelings of disconnection and isolation.
That is why your business needs virtual team building activities. It will allow the workers to get to know each other and feel more connected. They will drive a sense of belonging and community that everyone needs.
Here are our top choices for creative virtual team building activities.
1. Weekly Trivia Contest
People love trivia. Jeopardy is a big example of how much people love taking part in trivia contests. So, you can create such a contest for your virtual team as well.
You can decide:
- Categories (Current events, entertainment, science, etc.)
- Timing (Day the contest will take place)
- Difficulty (Beginner, intermediate, or advanced)
- Region (Do you want to include your global teammates or just the ones in your state?)
If you want a platform for automated weekly trivia quizzes for your remote team, then you can opt for Water Cooler Trivia. It is a platform that will automate the entire process to make things seamless. It is one Continue reading
5 Reasons to Do an External Threat Hunt on Your Network Now
An external threat hunt is commonly used to evaluate the efficacy of security controls and it can help organizations evolve risk and compliance policies to close gaps in security protocols and policies.Dynamic URL Rewriting at the edge with Cloudflare
URLs are ugly. They are hard to read, difficult to memorise and often auto-generated for the benefit of the origin server - not the user.
Today we are announcing the immediate availability of Transform Rules for all Cloudflare plans. Transform Rules provide Cloudflare administrators with the ability to create URL rewrite rules. These rules transform HTTP requests as they flow through Cloudflare providing an interpretation layer between the human friendly and the computer friendly.
Ease of understanding
Imagine you are going on a much needed around-the-world trip and want to buy a copy of John Graham-Cumming’s book The Geek Atlas: 128 Places Where Science and Technology Come Alive to use as inspiration. Would the link https://www.travelbooks247.com/dp/0596523203/ make sense to you? Chances are the answer is no. It's hard for humans to understand these complex, contextless URLs.
This is why companies instead provide user friendly alternatives such as: https://www.travelbooks247.com/Geek-Atlas-Places-Science-Technology/dp/0596523203/ and use web servers as the interpreter. This interpretation is known as URL rewriting.
Large ecommerce retailers take HTTP requests to these human-friendly URLs and rewrite them using a simple pattern that strips the content Geek-Atlas-Places-Science-Technology/ before sending the HTTP request to the backend. The human readable hyperlink Continue reading