Archive

Category Archives for "Networking"

What is gNMI?

A few weeks ago we released an episode on the fundamentals of gRPC. And while programmatic interfaces are excellent tools for network automation, often that is only the beginning of the story. That’s no exception with gRPC. In this episode we continue down the path of that gRPC conversation and into gNMI, a standards based approached to programmatic interaction with network devices utilizing gRPC. We discuss what it is, how it works, and where it stands in today’s fast moving environment.

Relevant Links:

Nick Russo
Guest
Roman Dodin
Guest
Tony Efantis
Host
Jordan Martin
Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post What is gNMI? appeared first on Network Collective.

Fundamentals: Is Switching Latency Relevant?

One of my readers wondered whether it makes sense to buy low-latency switches from Cisco or Juniper instead of switches based on merchant silicon like Trident-3 or Jericho (regardless of whether they are running NX-OS, Junos, EOS, or Linux).

As always, the answer is it depends, but before getting into the details, let’s revisit what latency really is. We’ll start with a simple two-node network.

The simplest possible network

The simplest possible network

Fundamentals: Is Switching Latency Relevant?

One of my readers wondered whether it makes sense to buy low-latency switches from Cisco or Juniper instead of switches based on merchant silicon like Trident-3 or Jericho (regardless of whether they are running NX-OS, Junos, EOS, or Linux).

As always, the answer is it depends, but before getting into the details, let’s revisit what latency really is. We’ll start with a simple two-node network.

The simplest possible network

The simplest possible network

Cut-Through Switching Isn’t A Thing Anymore

So, cut-through switching isn’t a thing anymore. It hasn’t been for a while really, though in the age of VXLAN, it’s really not a thing. And of course with all things IT, there are exceptions. But by and large, Cut-through switching just isn’t a thing.

And it doesn’t matter.

Cut-through versus store-and-forward was a preference years ago. The idea is that cut-through switching had less latency than store and forward (it does, to a certain extent). It was also the preferred method, and purchasing decisions may have been made (and sometimes still are, mostly erroneously) on whether a switch is cut-through or store-and-forward.

In this article I’m going to cover two things:

  • Why you can’t really do cut-through switching
  • Why it doesn’t matter that you can’t do cut-through switching

Why You Can’t Do Cut-Through Switching (Mostly)

You can’t do cut-through switching when you change speeds. If the bits in a frame are sent at 10 Gigabits, they need to go into a buffer before they’re sent over a 100 Gigabit uplink. The reverse is also true. You can’t stuff a frame that’s piling into an interface 10 times faster than it’s sending (though it’s not slowed down).

So any switch Continue reading

VMware, Dell split to form independent firms

After many months of wrangling, Dell Technologies says it is spinning off its ownership of VMware to create two standalone companies.While it gives both companies more financial freedom, the new relationship should have no immediate effect on enterprise customers, but that could come down the road.VMware CEO Gelsinger moves to Intel Dell has had an 81% equity ownership of VMware since its 2016, $67 billion purchase of  EMC, which owned VMware. Under terms of the planned spin-off, VMware will distribute a cash dividend of $11.5 - $12 billion to all VMware shareholders, which includes about $9.7 billion to Dell Technologies, the companies stated.To read this article in full, please click here

SD-WAN Part IV: MPLS Network with IS-IS Segment Routing as SD-WAN Transport

 

Introduction

 

In order to have IP connectivity between hosts A and B over the underlay transport network, we need to build a tunnel (IPSec or GRE) between the Public  IP addresses of vEdge devices (TLOC Routes). Then we also need VPN-specific subnet routing information (OMP Routes) to be able to route traffic over the tunnel. This chapter discusses the role and operation of various protocols involved in Control Plane operations when an MPLS Transport network is used as an Underlay Network for SD-WAN solution. The first section introduces the Segment Routing solution for building a Label Switch Path (LSP) between PE routers over the MPLS backbone by using the IS-IS routing protocol for both routing and label distribution. The second section explains how to build L3VPN between vEdge Public IP addresses over the LSP. Figure 4-1 shows the high-level routing model used in this chapter.



Figure 4-1: Control Plane Model.

Continue reading

Cloud Networking Startup Alkira Spins Up In Azure Marketplace

Cloud networking startup Alkira announced that it’s been selected for the “Microsoft for Startups” program. Microsoft offers the program to emerging companies to provide “technology and business support designed to help B2B startups quickly scale.” As part of the program, Alkira will get ecosystem support from Microsoft such as “access to technical, sales and marketing […]

The post Cloud Networking Startup Alkira Spins Up In Azure Marketplace appeared first on Packet Pushers.

Day Two Cloud 093: Application Modernization With VMware (Sponsored)

Today’s Day Two Cloud tackles application modernization with sponsor VMware. As new application platforms such as containers and the public cloud take hold, organizations need to examine their application portfolio to figure out how  applications are meeting business requirements—and how they aren’t. The point of app modernization is to determine whether a new approach and […]

The post Day Two Cloud 093: Application Modernization With VMware (Sponsored) appeared first on Packet Pushers.

Day Two Cloud 093: Application Modernization With VMware (Sponsored)

Today’s Day Two Cloud tackles application modernization with sponsor VMware. As new application platforms such as containers and the public cloud take hold, organizations need to examine their application portfolio to figure out how  applications are meeting business requirements—and how they aren’t. The point of app modernization is to determine whether a new approach and... Read more »

Security Power Block Series: Secure Your Data Center with NSX Firewall

We get it. The world of network security is changing, and it’s hard to keep up. Between your regular duties, pressure to adapt to changing realities, and pandemic stress on both your work and home life, ita challenge to find the time to build new skills.  

Understanding that your time is precious, we’ve created a series of succinct, 30-minute, security-focused webinars that take a deep dive into the topics, strategies, and techniques you need to know. The four sessions in our Security Power Block Series will explore the new security landscape, how our unique architecture is ideal for protecting East-West traffic from modern security threats, and real-world use cases you can use to operationalize your data center security at scale.   

You can register for one, two, three, or all sessions at once and you’ll automatically receive invitations with session links that you can add directly to your calendar. Staying informed — and learning new skills — couldn’t be easier. 

Network Segmentation Made Easy  

April 14, 2021 
10:00 a.m. PT  

Zoning or segmenting data center networks into manageable chunks Continue reading

Taking control of your Ubuntu desktop

You may have a lot more control over your Ubuntu desktop than you know. In this post, we'll look into what you should expect to see by default and how you can change that.Most Linux desktops start out charmingly uncluttered. They display a handful of icons on an attractive background. These include shortcuts for launching applications, generally along the left side or bottom of the screen, and maybe another icon or two in the otherwise open area.The uncluttered desktop is generally a good thing. You can open folders using your file manager and move around to any group of files that you need to use or update. By changing a setting on Ubuntu (and related distributions), however, you can also set up your system to open with a specified set of files in view – and you don't have to move them into your Desktop folder to do so.To read this article in full, please click here

Netsim-tools Release 0.5 Work with Containerlab

TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.

Why does it matter? Lab setup is blindingly fast, and it’s easier to integrate your network devices with other containers, not to mention the crazy idea of running your network automation CI pipeline on Gitlab CPU cycles. Also, you could use the same netsim-tools topology file and provisioning scripts to set up container-based or VM-based lab.

What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…

Netsim-tools Release 0.5 Work with Containerlab

TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.

Why does it matter? Lab setup is blindingly fast, and it’s easier to integrate your network devices with other containers, not to mention the crazy idea of running your network automation CI pipeline on Gitlab CPU cycles. Also, you could use the same netsim-tools topology file and provisioning scripts to set up container-based or VM-based lab.

What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…

In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video

Zig Zsiga and Ethan Banks talk through use cases for the sometimes maligned EIGRP, a popular choice in Cisco networks for decades. The conversation covers EIGRP design basics, the stuck-in-active problem, stub routing, and RFC7868. Comparisons are made to how OSPF design differs to accomplish similar goals. This was originally published as an audio-only podcast […]

The post In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video appeared first on Packet Pushers.

Defense in Depth: The First Step to Security Certainty

Allen McNaughton Allen is the Director of Technical Sales, Public Sector at InfoBlox. He has over 20 years of experience in developing security solutions for service providers, public sector and enterprise customers. Bad actors are constantly coming up with ways to evade defensive techniques put in place by government agencies, educational institutions, healthcare providers, companies and other organizations. To keep up, network security needs what’s known as “defense in depth” — a strategy that leverages different security solutions to provide robust and comprehensive security against unauthorized intruders. Think about securing your house — locks on your doors only protect your doors. But if you have locks on your doors and windows, a high fence, security cameras, an alarm system and two highly trained guard dogs, you have what we call “defense in depth.” The same goes for networks. When it comes to building a defense-in-depth strategy for your network, the first and most important feature is visibility — knowing what is on your network. Why Visibility? Because You Can’t Protect What You Can’t See If you can’t see it, you can’t protect it — it’s obvious if you think about it. Without understanding the devices, hardware, software and traffic Continue reading

Bringing AI to the edge with NVIDIA GPUs

Bringing AI to the edge with NVIDIA GPUs
Bringing AI to the edge with NVIDIA GPUs

Cloudflare has long used machine learning for bot detection, identifying anomalies, customer support and business intelligence.  And internally we have a cluster of GPUs used for model training and inference.

For even longer we’ve been running code “at the edge” in more than 200 cities worldwide. Initially, that was code that we wrote and any customization was done through our UI or API. About seven years ago we started deploying custom code, written in Lua, for our enterprise customers.

But it’s quite obvious that using a language that isn’t widely understood, and going through an account executive to get code written, isn’t a viable solution and so four years ago we announced Cloudflare Workers. Workers allows anyone, on any plan, to write code that gets deployed to our edge network. And they can do it in the language they choose.

After launching Workers we added storage through Workers KV as programs need algorithms plus data. And we’ve continued to add to the Workers platform with Workers Unbound, Durable Objects, Jurisdictional Restrictions and more.

But many of today’s applications need access to the latest machine learning and deep learning methods. Those applications need three things: to scale easily, Continue reading

What’s In A Title? Network Engineer Vs. Professional Or Licensed Engineer

In the US, do not call yourself a "Professional Engineer" or "Licensed Engineer" as your title. Those are specially reserved titles for those who actually ARE licensed. However, calling yourself a "Network Engineer" is okay. If you want to know more details, read on.

The post What’s In A Title? Network Engineer Vs. Professional Or Licensed Engineer appeared first on Packet Pushers.

Don’t Poke Holes in Our Digital Security Shield

In only a few days the European Union will close the doors on our chance to provide feedback on an initiative which could grant law enforcement agencies backdoor access to encrypted messaging services. Doing this would poke holes in our most important digital security shield. It misleadingly claims it to protect kids’ safety online. As […]

The post Don’t Poke Holes in Our Digital Security Shield appeared first on Internet Society.

Finally! Local Traffic Remained Local

During a recent broadcast of an Italian Series A Championship football match, something extraordinary was happening behind the scenes. Local Internet traffic remained local. Cristiano Zanforlin, Chief Commercial Officer of Milan Internet Exchange (MIX), Flavio Luciani, Chief Technology Officer of Consorzio Namex, and Luca Cicchelli, Interconnection Manager of Consorzio TOP-IX, explain how Italian IXPs helped […]

The post Finally! Local Traffic Remained Local appeared first on Internet Society.