WISP Design – Building Highly Available VPLS for Public Subnets

What is VPLS?

Virtual Private LAN Service or VPLS is a Layer 2 overlay or tunnel that allows for the encapsulation of ethernet frames (with or without VLAN tags) over an MPLS network.

https://tools.ietf.org/html/rfc4762

VPLS is often found in Telco networks that rely on PPPoE to create centralized BRAS deployments by bringing all of the end users to a common point via L2.

MikroTik VPLS example (https://wiki.mikrotik.com/wiki/Transparently_Bridge_two_Networks_using_MPLS)

Background

The idea for this post came out of a working session (at the bar of course) at WISPAmerica 2018 in Birmingham, Alabama.

There was a discussion about how to create redundancy for VPLS tunnels on multiple routers. I started working on this in EVE-NG as we were talking about it.

The goal is creating highly available endpoints for VPLS when using them to deploy a public subnet that can be delivered to any tower in the WISP. The same idea works for wireline networks as well.

Use Case

As IPv4 becomes harder to get, ISPs like WISPs, without large blocks of public space find it difficult to deploy them in smaller subnets. The idea behind breaking up a /23 or /24 for example, is that every Continue reading

WISP Design – Building Highly Available VPLS for Public Subnets

What is VPLS?

Virtual Private LAN Service or VPLS is a Layer 2 overlay or tunnel that allows for the encapsulation of ethernet frames (with or without VLAN tags) over an MPLS network.

https://tools.ietf.org/html/rfc4762

VPLS is often found in Telco networks that rely on PPPoE to create centralized BRAS deployments by bringing all of the end users to a common point via L2.

MikroTik VPLS example (https://wiki.mikrotik.com/wiki/Transparently_Bridge_two_Networks_using_MPLS)

Background

The idea for this post came out of a working session (at the bar of course) at WISPAmerica 2018 in Birmingham, Alabama.

There was a discussion about how to create redundancy for VPLS tunnels on multiple routers. I started working on this in EVE-NG as we were talking about it.

The goal is creating highly available endpoints for VPLS when using them to deploy a public subnet that can be delivered to any tower in the WISP. The same idea works for wireline networks as well.

Use Case

As IPv4 becomes harder to get, ISPs like WISPs, without large blocks of public space find it difficult to deploy them in smaller subnets. The idea behind breaking up a /23 or /24 for example, is that every Continue reading

WSMeter: A performance evaluation methodology for Google’s production warehouse-scale computers

WSMeter: A performance evaluation methodology for Google’s production warehouse-scale computers Lee et al., ASPLOS’18

(The link above is to the ACM Digital Library, if you don’t have membership you should still be able to access the paper pdf by following the link from The Morning Paper blog post directly.)

How do you know how well your large kubernetes cluster / data centre / warehouse-scale computer (WSC) is performing? Is a particular change worth deploying? Can you quantify the ROI? To do that, you’re going to need some WSC-wide metric of performance. Not so easy! The WSC may be running thousands of distinct jobs all sharing the same underlying resources. Developing a load-testing benchmark workload to accurately model this is ‘practically impossible.’ Therefore, we need a method that lets us evaluate performance in a live production environment. Google’s answer is the Warehouse Scale performance Meter (WSMeter), “a methodology to efficiently and accurately evaluate a WSC’s performance using a live production environment.” At WSC scale, even small improvements can translate into considerable cost reductions. WSMeter’s low-risk, low-cost approach encourages more aggressive evaluation of potential new features.

Challenges in defining a WSC performance metric

Consider a change Continue reading

Get Started with Junos Quickly (and free!)

Get Started with Junos Quickly (and free!)

Get Started with Junos Quickly (and free!)

When I got started in networking, my education (like so many network engineers) was all about Cisco. All my networking courses in college, as well as my early networking jobs all used Cisco curricula and equipment, and valued Cisco certifications like the CCNA/CCNP/CCIE above all.

It wasn’t until I had already been in the industry for about three years or so before I even got my hands on a Juniper device, and by that time, my IOS habits had taken root in my muscles, which made the new set/delete style of Junos configurations even more strange. While my Junos experience never came close to exceeding my IOS/NXOS experience, I grew to appreciate some of the subtle advantages that Juniper bakes into its software. However, getting this experience meant I had to work that much harder to get my hands on lab gear to make it more a part of my day-to-day experience.

These days, it’s way easier to get started with Junos. You don’t have to wait for someone to get you some lab gear - you can set up a virtual lab right on your laptop. While there are a few places you can do this, one of the Continue reading

OMG The Stupid It Burns

“The views and opinions expressed are those of the author and not necessarily the positions of the U.S. Army, Department of Defense, or the U.S. Government.” <- I sincerely hope so…
“the cyber guns of August” https://t.co/xdybbr5B0E

— the grugq (@thegrugq) April 22, 2018

Describing Network Automation: Automate the Coffee

How to Describe Automation

Cisco Live, Milan, 2014, the place where everyone drinks a caffé! It was this year that Cisco’s DevNet began to grow and my passion for software, automation and networking was in for a roller-coaster ride. I watched various refreshment stands delivering coffee to the endless queues of guests and began to see something special in the thing that I originally called an espresso!

For so long we’ve used pipes and water to describe networking itself and for a long time I was hunting for a good way to talk about network automation. Turns out a caffé is a great way to describe automation and especially network automation. We also feel emotionally about it and understand the process used to have one placed in ones hand.

Annoyingly so, when automation is the topic up for conversation, we start with "Let’s automate the network" and not with what it is we want to automate. If you’ve raised your eyebrow, point in case. Even worse is when you’re asked for a use-case. The answer is nothing more than a reflection: "Tell me what your humans do". This isn’t a product, it’s the deep integration of human process and digitised Continue reading

What Came First: VLANs or VRFs?

One of my friends sent me this question:

Do you remember if VLANs came first or was it VRFs?

I remember VLANs using ISL (pre-802.1q encapsulation) on early Cisco Ethernet switches (mid 90s), the earliest reference I could track down on Wikipedia is from 1988.

Cisco Express Forwarding (CEF)

I am currently studying to rectify my CCIE and it is at these times that I realise there is so much I have studied and learnt but forgotten. There are many cool things I come across that I think at the time are useful features that I need to remember, but unfortunately if you don’t have a real world use for them they are soon put to the back of the brain and over time forgotten. The same applies with taking for granted the way things work, be that ARP, DHCP or the process a switch or router goes through when moving traffic. I came across some of my old notes on CEF which I thought worth sharing.

Analyzing data with Pandas Package – An Intro to Pandas

Hi,

Title may sound extremely Hitech for someone who never heard about pandas ;), but what I have written is a simple hello world equivalent  program, which I guess should start to help my day to day analysis, as always the aim is to let anyone know the advantage of something than hammering with some theory !

I was going through various python packages available to analyze data and came across pandas package along with numpy package. These are not there by default in Python installation and if you like them to be on your system, you should install them via PIP, I have them installed already hence you can see that it complains in the below image.

Note :

Understand why you need to have something like Pandas / Numpy even if you have never heard of them, that’s the point of this tiny program

Imagine, how you would solve this if you never knew Pandas/Numpy and you will see the power of these

packages, again you don’t have to know these to realize their full power.

Now coming to the requirement, here is a sample spreadsheet that I have below, its a CSV Sheet which contains certain Continue reading

OPL2 Audio Board: an AdLib sound card for Arduino

In a previous article, I presented the OPL2LPT, a sound card for the parallel port featuring a Yamaha YM3812 chip, also known as OPL2—the chip of the AdLib sound card. The OPL2 Audio Board for Arduino is another indie sound card using this chip. However, instead of relying on a parallel port, it uses a serial interface, which can be drived from an Arduino board or a Raspberry Pi. While the OPL2LPT targets retrogamers with real hardware, the OPL2 Audio Board cannot be used in the same way. Nonetheless, it can also be operated from ScummVM and DOSBox!

Unboxing?

The OPL2 Audio Board can be purchased on Tindie, either as a kit or fully assembled. I have paired it with a cheap clone of the Arduino Nano. A library to drive the board is available on GitHub, along with some examples.

One of them is DemoTune.ino. It plays a short tune on three channels. It can be compiled and uploaded to the Arduino with PlatformIO—installable with pip install platformio—using the following command:¹

$ platformio ci \
    --board nanoatmega328 \
    --lib ../.. Continue reading

Found on the Web: Your CLI Should Be a Server

Guess what I found: a software developer trying to persuade his peers that they need an API version of their CLI tool. Yes, I checked and it’s still 2018, and the year CLI dies seems to be a bit further out than some people thought.

I’d guess this proves that the rest of the world is not so far ahead of us lowly network engineers as blabbering pundits and vendor marketers would have us believe.

Needless to say, the engineers architecting Junos knew this almost 20 years ago.

Here’s how NetQ injects S.O.U.L into your network

Our passion at Cumulus is all around networking with S.O.U.L. Simple. Open. Untethered. Linux. These tenants come together to help organizations build a web-scale, modern, automated network that is necessary for the digital age. So it’s no surprise that Cumulus NetQ and networking with S.O.U.L go hand-in-hand. Let’s take a closer look at how Cumulus NetQ builds on these tenants of S.O.U.L.

Simple

NetQ is all about simplifying network operations. The deep visibility achieved through Cumulus NetQ is extremely powerful from a network validation, management and troubleshooting standpoint.

• Simplifying rollout validation: Cumulus NetQ helps reassure networking teams that what they are rolling into production will actually work. Its validation system lets users check their configuration during production rollout. And with NetQ’s powerful tracing capability, you can validate that you have the true end-to-end connectivity you expected. Tracing saves a huge amount of time as you work to ensure that the path of the packet is working as expected. Without Tracing, you have to go box-by-box and validate all the way up and down the stack. Instead, with NetQ, you can see the pathways the packets flow. This network validation works down Continue reading

Taking The Long View On High Performance Networking

It is hard to make a profit selling hardware to supercomputing centers, hyperscalers, and cloud builders, all of whom demand the highest performance at the lowest prices. But in the first quarter of this year, network chip, adapter, switch, and cable supplier Mellanox Technologies – which has products aimed at all three of these segments – managed to do it.

And with activist investor, Starboard Value, pressing Mellanox to make the kinds of profits that other networking companies command, the swing to a very decent net income could not have come at a better time. Starboard has been on the …

Taking The Long View On High Performance Networking was written by Timothy Prickett Morgan at The Next Platform.

Ericsson Hired 500 Engineers for 5G

CEO Borje Ekholm’s cost-cutting measures seem to be working. In the first quarter, the company reined in its losses and improved its gross margin.

Micro-segmentation Starter Kit

Micro-segmentation Starter Kit Traditional security solutions are designed to protect the perimeter.  As applications and data are becoming increasingly distributed, they are often spanning not only multiple sites, but also multiple clouds.  This is making it harder to identify where the perimeter actually is in order to secure it.  But even if the perimeter can... Read more →

Micro-segmentation Starter Kit

Traditional security solutions are designed to protect the perimeter.  As applications and data are becoming increasingly distributed, they are often spanning not only multiple sites, but also multiple clouds.  This is making it harder to identify where the perimeter actually is in order to secure it.  But even if the perimeter can be reliably identified, securing it alone is not enough. The east-west traffic inside of the environment must be secured as well. VMware NSX makes security an intrinsic part of the infrastructure that applications and data live on, rather than a bolted-on afterthought; security is built in Day 0.

VMware created a Micro-segmentation Starter Kit to help you get started with securing your network from Planning to Enforcement to Troubleshooting.  Each kit includes 6 CPUs of both NSX ADV and vRealize Network Insight ADV at 25% off the global list price.

• Plan: Take the manual and subjective process out of determining what security policies to put in place and where. vRealize Network Insight provides a comprehensive net flow assessment and analysis to model and recommend security groups and firewall rules across your physical, virtual, and cloud environments.

• Enforce: Micro-segmentation, the implementation of security policy Continue reading

Is Open Source The AI Nirvana for Intel?

Intel has been making some interesting moves in the community space recently, including free licenses for its compiler suite for educators and open source contributors can now be had, as can rotating 90 day licenses for its full System Studio environment for anyone who takes the time to sign up.

In the AI space, Intel recently announced that its nGraph code for managing AI graph APIs has also been opened to the community. After opening it up last month, Intel has been followed up on the initial work on MXNet with further improvements to TensorFlow.

The Next Platform …

Is Open Source The AI Nirvana for Intel? was written by James Cuff at The Next Platform.

Link Propagation 115