Network Automation and Hammer of Thor

Imagine that you just stumbled upon the hammer Thor carelessly dropped, and you’re so proud of your new tool that everything looks like a nail even though it might be a lightbulb or an orange.

That happens to some people when they get the network automation epiphany: all of a sudden CLI and manual configuration should be banned, and everything can be solved by proper incantation of Git and Ansible commands or whatever other workflow you might have set up… even though the particular problem might have nothing to do with what you have just automated.

IT vendors offer new financing options for cash-strapped enterprises

Enterprise equipment vendors are rolling out financing and relaxed payment plans in an effort to keep customers buying during the COVID-19 lockdown that might be stressing their budgets.For example, Nutanix, the hyperconverged infrastructure (HCI) software provider, announced the Nutanix Special Financial Assistance Program (NSFAP) that provides its partners extended payment terms to give them more financial flexibility. Nutanix also offers financing options for customers through Nutanix Financial Solutions (NFS). [Get regularly scheduled insights by signing up for Network World newsletters.] The program runs through May 31, and participating partners can offer the extended payment terms to their customers. The length of the term extensions will be based on individual partner’s needs, according to the company.To read this article in full, please click here

IBM goes all-in on hybrid cloud

With the 2019 acquisition of open-source powerhouse Red Hat under its belt and a new cloud-savvy CEO at the helm, IBM is looking to reverse a decade of declining revenue and sagging stock prices with a bold strategy focused on hybrid cloud.CEO Arvind Krishna, who formerly led IBM's cloud and cognitive computing division and engineered the $34 billion Red Hat acquisition, made IBM's intentions clear in a LinkedIn post to employees in his first day on the job: "Hybrid cloud and AI are the two dominant forces driving change for our clients and must have the maniacal focus of the entire company. IBM has already built enduring platforms in mainframe, services, and middleware. I believe now is the time to build a fourth platform in hybrid cloud."To read this article in full, please click here

IBM’s big hybrid-cloud gamble

With the 2019 acquisition of open-source powerhouse Red Hat under its belt and a new cloud-savvy CEO at the helm, IBM is looking to reverse a decade of declining revenue and sagging stock prices with a bold strategy focused on hybrid cloud.CEO Arvind Krishna, who formerly led IBM's cloud and cognitive computing division and engineered the $34 billion Red Hat acquisition, made IBM's intentions clear in a LinkedIn post to employees in his first day on the job: "Hybrid cloud and AI are the two dominant forces driving change for our clients and must have the maniacal focus of the entire company. IBM has already built enduring platforms in mainframe, services, and middleware. I believe now is the time to build a fourth platform in hybrid cloud."To read this article in full, please click here

How Did Big Tech Celebrate Earth Day 2020?

Cisco, Google, IBM, Intel, and Microsoft stepped up their Earth Day commitments, promising...

Read More »

MUST READ: When Programming a System with High Kinetic Energy

Kode Vicious (aka George V. Neville-Neil ) wrote another brilliant article on reducing risk in systems that can do serious harm. Here are just two of the gems:

The risks involved in these systems come from three major areas: marketing, accounting, and management.

There is a wealth of literature on safety-critical systems, much of which points in the same direction: toward simplicity. With increasing complexity comes increasing risk …

For whatever reason most networking- and virtualization vendors joined a lemming-like run in the opposite direction years ago.

EVPN-VXLAN | Virtual Gateway |QFX5k Forwarding | JUNOS

In this post, I want to discuss how to verify Virtual Gateway forwarding behaviour on Broadcom based Juniper QFX switches.

The general assumption with EVPN Anycast Gateway is that gateway flows are load-balanced across all gateway devices. And whilst EVPN provides the mechanism to support this behaviour, there is a requirement for the forwarding hardware to also support it.

The mechanism for an EVPN device to load balance gateway flows is to install the virtual gateway ESI as a next-hop for the virtual gateway MAC address. However, Broadcom based QFX switches do not support this behaviour and can only install a single VTEP as a next-hop. So this means that traffic flows heading towards the virtual gateway will only ever traverse via a single gateway device. This behaviour is well documented and there are some talks about Broadcom working with the vendors to improve gateway load-balancing with ESI functionality.

Now we understand the characteristics, let’s look at the steps to verify forwarding behaviour on a Broadcom based QFX switch. Here we’ll look at how to identify which VTEP is being used to reach the virtual-gateway MAC address and how the underlay is transporting the traffic.

Lab Setup

The lab setup Continue reading

SD-WAN Complexity Remains Adoption Burden, Says Aryaka

According to the vendor's latest annual survey, 37% of respondents named complexity as their No. 1...

Read More »

Interview: Impact of COVID-19 on Networking Engineers and Public Cloud

Ben Friedman and his team (the video crew producing all the Tech Field Day events) published a number of interviews about the impact of COVID-19 on IT.

Among other things we discussed how busy networking engineers are trying to cope with unexpected demand, and how public cloud isn’t exactly infinitely elastic.

Juniper Branch SRX LACP Weirdness

Juniper SRX 300 Series firewalls may stop forwarding traffic in some situations. The firewall says it is forwarding the traffic, but it doesn’t work. Monitoring traffic looks OK, ARP entries are present, but traffic never gets to the destination, until you clear ARP. Turns out the problem comes from using LACP with fast timers and active mode. Luckily the fix is simple.

Alert: Firewall Offline

Here’s the situation we saw: Our NMS reported a Juniper SRX320 offline. All other devices at the site were still working, but the firewall was unreachable. Traffic from the firewall to the NMS goes via the firewall’s default gateway. Firewall A in this diagram was unreachable, but Firewall B was fine.

OK, what’s happening? Why is my firewall unreachable?

Firewall says its fine?

Try to ping Firewall A, no response. From the default gateway, we can see an ARP entry for the firewall, but no response to ping. We can log in to Firewall B, and we see an ARP entry for Firewall A. Crucially: we can ping Firewall A from Firewall B. Hmmm. That’s strange. Why can we ping it from one locally connected device but not another?

From Firewall B, we SSH across Continue reading

Juniper Branch SRX LACP Weirdness

Juniper SRX 300 Series firewalls may stop forwarding traffic in some situations. The firewall says it is forwarding the traffic, but it doesn’t work. Monitoring traffic looks OK, ARP entries are present, but traffic never gets to the destination, until you clear ARP. Turns out the problem comes from using LACP with fast timers and active mode. Luckily the fix is simple.

Alert: Firewall Offline

Here’s the situation we saw: Our NMS reported a Juniper SRX320 offline. All other devices at the site were still working, but the firewall was unreachable. Traffic from the firewall to the NMS goes via the firewall’s default gateway. Firewall A in this diagram was unreachable, but Firewall B was fine.

OK, what’s happening? Why is my firewall unreachable?

Firewall says its fine?

Try to ping Firewall A, no response. From the default gateway, we can see an ARP entry for the firewall, but no response to ping. We can log in to Firewall B, and we see an ARP entry for Firewall A. Crucially: we can ping Firewall A from Firewall B. Hmmm. That’s strange. Why can we ping it from one locally connected device but not another?

From Firewall B, we SSH across Continue reading

Untangle Rolls Out Predictive Routing to SD-WAN Router

The technology is designed to translate information from packet headers, out of band information,...

Read More »

WiFi 6 Feeds Need for Speed With 5X Spectrum Boost

It’s the largest swath of spectrum allocated for WiFi since 1989, and it comes as WiFi 6 begins...

Read More »

Daily Roundup: AT&T Selects Stankey as New CEO

AT&T selected Stankey as new CEO; Verizon claimed its 5G is COVID-19 proof; and Intel posted...

Read More »

Heavy Networking 513: How The Internet Is Handling The Covid-19 Load

Today's Heavy Networking looks at the impact of Covid-19 on Internet usage and capacity with two guests who have front-row views: Neil McRae, Senior Leader at British Telecom; and Dave Temkin, VP of Infrastructure at Netflix.

The post Heavy Networking 513: How The Internet Is Handling The Covid-19 Load appeared first on Packet Pushers.

Heavy Networking 513: How The Internet Is Handling The Covid-19 Load

Intel Posts Strong Q1 Earnings, Warns of Q2 Headwinds

Despite pandemic related challenges, Intel reported revenues of $19.8 billion for the quarter, up...

Read More »

Verizon Claims 5G Plans Immune to COVID-19

Verizon’s 5G network was live in 34 U.S. cities at the end of the quarter, and CEO Hans Vestberg...

Read More »

AT&T CEO Shake Up Sees Stephenson Out, Stankey In

The move comes on the heels of AT&T’s most recent quarterly earnings release that was...

Read More »

Blessay: Coin-Operated Evangelism

This article was first published in Packet Pushers Human Infrastructure Magazine. An email newsletter that talks about being a human in technology. You can subscribe, for free here.  I struggle with the concept of ‘corporate evangelism’.  So here are some thoughts on the topic.  Religious Roots Evangelism is a religious principle that your belief is […]

The post Blessay: Coin-Operated Evangelism appeared first on EtherealMind.