Kathmandu, Nepal is data center 123

Kathmandu, Nepal is data center 123

Kathmandu, Nepal is data center 123

We said that we would head to the mountains for Cloudflare’s 123rd data center, and mountains feature prominently as we talk about Kathmandu, Nepal, home of our newest deployment and our 42nd data center in Asia!

Five and three quarter key facts to get started:

  • Nepal is home to the highest mountain in the world.
  • Kathmandu has more UNESCO heritage sites in its immediate area than any other capital!
  • The Nepalese flag isn’t a rectangle. It’s not even close!
  • Nepal has never been conquered or ruled by another country.
  • Kathmandu, Nepal is where Cloudflare has placed its 123rd data center.
  • Nepal’s timezone is 5 hours 45 minutes ahead of GMT.

Mountains

The mountainous nation of Nepal is home to Mount Everest, the highest mountain in the world, known in Nepali as Sagarmāthā. Most of us learn that at school; however there’s plenty of other mountains located in Nepal. Here’s the ones above 8,000 meters (extracted from the full list) to get you started:

  • Mount Everest at 8,848 meters
  • Kanchenjunga at 8,586 meters
  • Lhotse at 8,516 meters
  • Makalu at 8,463 meters
  • Cho Oyu at 8,201 meters
  • Dhaulagiri I at 8,167 meters
  • Manaslu at 8,156 meters
  • Annapurna I at 8,091 meters

Kathmandu, Nepal is data center 123 Continue reading

Viewing Cisco Proximity with SpectrumView

I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.

The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.

SpectrumView

There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:

  • Recording – Audio Sampling Rate 48000
  • Display – This may be necessary to adjust if you don’t see anything. I typically set mine to about 15dB

With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading

Viewing Cisco Proximity with SpectrumView

I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.

The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.

SpectrumView

There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:

  • Recording – Audio Sampling Rate 48000
  • Display – This may be necessary to adjust if you don’t see anything. I typically set mine to about 15dB

With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading

Viewing Cisco Proximity with SpectrumView

I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.

The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.

SpectrumView

There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:

  • Recording – Audio Sampling Rate 48000
  • Display – This may be necessary to adjust if you don’t see anything. I typically set mine to about 15dB

With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading

BrandPost: DIY Not the Best Approach to SD-WAN

Wide area networks (WANs) were not designed for the load that most enterprises need them to handle today. Demand for data across the distributed enterprise is growing exponentially; virtually all enterprises are using cloud technology in some form; and the Internet of Things is growing expanding the scope of networks far beyond servers, PCs, tablets and smartphones. So, it shouldn’t be a surprise that many are eagerly turning to software-defined WANs (SD-WANs) to deal with those growing needs.SD-WANs reflected the ongoing movement to software-defined IT assets and increasing reliance on virtualization to make those assets available where and when needed. But few organizations have the fortitude—or budget—to rip and replace core pieces of their existing infrastructure, such as MPLS, which provides Class of Service prioritization and Quality of Service management.To read this article in full, please click here

BrandPost: Sorting Through SD-WAN Options

Most enterprises rely on a combination of MPLS and IPsec to implement virtual private networks (VPNs) across the organization’s wide area network (WAN). But the emergence of mobile devices and cloud-based applications, along with enormous growth in data volumes, has them scrambling for more flexible, more cost-effective options. Many expect software-defined network (SDN) technologies, and in particular SD-WANs, to provide the solution, but sorting through all the options can be a challenge.Backed by venture capital, SD-WAN appliance vendors have been popping up all over the place. But appliance-based point solutions represent somewhat of a do-it-yourself scenario, and it’s important to understand whether they’ll inhibit or enhance what an enterprise can gain from SD-WAN deployment.To read this article in full, please click here

Understanding IPv6 – The 7 Part Blog Series and the 28 minute CHI-NOG Snippet

New to IPv6 or know someone who is?  Below you will find my 7 part blog series of my lessons learned during my IPv6 journey and how I now teach IPv6 to others newer to it.  Prefer a YouTube instead?  At the end you will find the very rapid paced .. 28 minute… presentation I did of this for CHI-NOG in 2016.

     Understanding IPv6: The Journey Begins (Part 1 of 7)

 

   Understanding IPv6: Link-Local ‘Magic’ (Part 2 of 7)

 

Understanding IPv6: A Sniffer Full Of 3s (Part 3 of 7)

 

  Understanding IPv6: What Is Solicited-Node Multicast? (Part 4 of 7)

 

  Understanding IPv6: Prepping For Solicited-Node Multicast (Part 5 of 7)

 

Understanding IPv6: The Ping Before Solicited-Node Multicast (Part 6 of 7)

 

Understanding IPv6: Solicited-Node Multicast In Action (Part 7 of 7)

 

 

 

JUNIPER QFX10K | EVPN-VXLAN | MAC LEARNING VERIFICATION | SINGLE-HOMED ENDPOINT

This article is all about EVPN-VXLAN and Juniper QFX technology. I’ve been working with this tech quite a lot over the past few months and figured it would be useful to share some of my experiences. This particular article is probably going to be released in 2 or 3 parts and is focused specifically on the MAC learning process and how to verify behaviour. The first post focuses on a single-homed endpoint connected to the fabric via a single leaf switch. The second part will look at a multihomed endpoint connected via two leaf switches that are utilising the EVPN multihoming feature. And, lastly, the third part will focus on Layer 3 Virtual Gateway at the QFX10k Spine switches. The setup I’m using is based on Juniper vQFX for spine and leaf functions with a vSRX acting as a VR device. I also have a Linux host that is connected to a single leaf switch.

Overview

When verifying and troubleshooting EVPN-VXLAN it can become pretty difficult to figure out exactly how the control plane and data plane are programmed and how to verify behaviours. You’ll find yourself looking at various elements such as the MAC table, EVPN database, EVPN routing Continue reading

Understanding IPv6: Solicited-Node Multicast In Action (Part 7 of 7)

 

The last few blogs in my series on IPv6 have focused on solicited-node multicast, which provides the functionality for Neighbor Discovery in IPv6 addressing. We ended the last blog with a cliffhanger, asking, “In IPv6, how do we find the Layer 2 MAC address associated with a Layer 3 IPv6 address?”

 

Time to put the pieces together
In this series of blogs, I have laid out all the varying puzzle pieces needed to answer this question. Let’s start putting those puzzle pieces together.

In this blog, we learned that, if a device has an IPv6 global address of 2001:DB8::AB:1/64, then, according to RFC 4291, it must also “compute and join” the IPv6 solicited-node multicast address FF02::1:FFAB:1.

By the same logic, that means the node associated with the IPv6 address of 2001:DB8::AB:2 must “compute and join” the IPv6 solicited-node multicast address FF02::1:FFAB:2.

So our first puzzle piece gets us to here:

But so what? How does that get us any closer to getting the DMAC associated with Router B’s IPv6 global unicast address? All it did was give us a multicast address that this IPv6 unicast address must join.

Let’s add another piece of the puzzle. From this Continue reading

Understanding IPv6: The Ping Before Solicited-Node Multicast (Part 6 of 7)

In a previous blog, we looked at the basics of IPv6 solicited-node multicast. Going back to our Router A and Router B environment, if we sniff the wire while pinging from Router A’s IPv6 address to Router B’s IPv6 address, what will we see? Spoilers! Suffice it to say we will see some IPv6 solicited-node multicast very much in action.

 

Ping in IPv4

Before we jump into IPv6, let’s first do an IPv4 ping from Router A to Router B. When we sniff the wire we can review the mechanisms of how IPv4 does all of this on the wire.

When ping 10.10.10.2 is entered on Router A, the router knows it is being asked to build an ICMP echo request message and put it “out on the wire” with a destination IP address of 10.10.10.2. But in order to make the request “ready” to put out on the wire to get to 10.10.10.2, Router A needs more than simply the destination IPv4 address.

For the purposes of this post, we will look at four things the router needs before sending the ICMP echo request out on the wire. These Continue reading

BrandPost: Delivering Best-in-Class Education Technology Without Breaking the Bank

Digital technology is driving fundamental changes in the educational process. As digital devices and the internet become an integral part of students’ lives, schools are finding they must support new learning solutions. Digital learning is a new constant in the school day.New digital solutions and technologies such as virtual/augmented reality, digital whiteboards, distance learning, personalized learning, artificial intelligence, and gamification are creating new demands on schools’ IT capabilities and infrastructure. And as these and other exciting new technologies come into regular use, many schools find they need to upgrade their server room into an “always-on,” flexible, and cost-efficient data center designed to support 21st century learning.To read this article in full, please click here

Understanding IPv6: Prepping For Solicited-Node Multicast (Part 5 of 7)

Solicited-node multicast: I stumbled and tripped a bunch over this one in the beginning.  Well, that isn’t 100% true. Admittedly, at first, I really just ignored it, which really got in the way of my understanding some of the fundamentals of Neighbor Discovery Protocol (NDP).

But before we jump into solicited-node multicast, let’s review link-local scope multicast addresses.

Multicast is all around you
Multicast is all around your current IPv4 network. You might not think so if you haven’t enabled IP multicast routing and PIM, but it’s there. Pretty much everywhere you turn, it’s there.

Let’s return to our RouterA/RouterB environment. But let’s have IPv4 only running right now, like probably a lot of your routers in your environment.

Show IP interface
This is often an overlooked command, which is a shame because there is a great deal of very useful information that is given in the output. For now, we’re going to focus on the line “multicast reserved groups joined” and ignore all the other lines.

See? Lots and lots of multicast! To be specific, lots of “Local Network Control Block (224.0.0.0 – 224.0.0.255 (224.0.0/24),” according to the Internet Continue reading

Which data center intrusion prevention systems are worth the investment? NSS Labs tests 5 DCIPS products

Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.To read this article in full, please click here

Which data center intrusion prevention systems are worth the investment? NSS Labs tests 5 DCIPS products

Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.To read this article in full, please click here

Which data center intrusion prevention systems are worth the investment? NSS Labs tests 5 DCIPS products

Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.To read this article in full, please click here

AMD Gets Zen About The Edge

If there is one thing that can be said about modern distributed computing that has held true for three decades now, it is that the closer you get to the core of the datacenter, the beefier the compute tends to be. Conversely, as computing gets pushed to the edge, it gets lighter by the necessity of using little power and delivering just enough performance to accomplish whatever data crunching is necessary outside of the datacenter.

While we have focused on the compute in the traditional datacenter since founding The Next Platform three years ago, occasionally dabbling in the microserver arena

AMD Gets Zen About The Edge was written by Timothy Prickett Morgan at The Next Platform.

Understanding IPv6: What Is Solicited-Node Multicast? (Part 4 of 7)

IPv6 solicited-node multicast somtimes seems to confuse those new to IPv6 in the beginning. I think this is because it seems so foreign and new. In this post, we will explore exactly what IPv6’s solicited-node multicast is and the rules of creating such an address as told to us by RFC 4291.

However, before we start on what’s new and different, let’s look at what solicited-node multicast has in common with IPv4 and IPv6 constructs that we already know.

In this blog post, we looked at IPv6 link-local scope multicast addresses. One of the examples was FF02::A. This address is for all devices on a wire that want to “talk” EIGRP with one another.

Focusing specifically on FF02::A and how routers join it, we can see and say three things:

  • Local: FF02::A is local to the wire.
  • Join: Each device “joins” FF02::A by just “deciding to listen” to the IPv6 link-local scope multicast address FF02::A. Then, by extension, it listens to the corresponding MAC address for that multicast IPv6 address (33:33:00:00:00:0A).
  • Common interest: As we can see, these varying groups have something in common that they would all like to hear about. For FF02::A, the common interest — the “connection” Continue reading
1 1,667 1,668 1,669 1,670 1,671 3,794