Should you be breaking things intentionally on your network? The idea might sound preposterous to some, but in this short take Russ White explains how intentional failures can make your network more resilient.
The post Short Take – Breaking Things appeared first on Network Collective.
The managed cloud provider deploys more than 22,000 Cisco firewalls.
The traditional certification route for NetOps is giving way to automation and coding skills.
IT departments want containers to make their lives easier, not harder.
Mr. Anonymous (my most loyal reader and commentator) sent me this question as a comment to one of my blog posts:
Is there any use case of running EVPN (or PBB EVPN) in DC with MPLS Data Plane, most vendors seems to be only implementing NVO to my understanding.
Sure there is: you already have MPLS control plane and want to leverage the investment.
Read more ...
We said that we would head to the mountains for Cloudflare’s 123rd data center, and mountains feature prominently as we talk about Kathmandu, Nepal, home of our newest deployment and our 42nd data center in Asia!
Five and three quarter key facts to get started:
The mountainous nation of Nepal is home to Mount Everest, the highest mountain in the world, known in Nepali as Sagarmāthā. Most of us learn that at school; however there’s plenty of other mountains located in Nepal. Here’s the ones above 8,000 meters (extracted from the full list) to get you started:
I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.
The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.
There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:
With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading
I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.
The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.
There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:
With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading
I wanted to share a quick trick for troubleshooting Cisco Proximity. For those that haven’t stumbled onto this particular technology, Proximity is a feature in Spark Connected and Traditional Cisco Video Endpoints that provides a pairing channel for screen sharing. Specifically, the codec announces its presence and connection information via 22khz audio stream. The client device then uses that connection information to make a connection over the network and share the screen with the codec. Since 22khz is beyond what the human ear can hear, there is a need for some other tool to check for its presence.
The tool I use to check for the pairing channel presence is SpectrumView and is available in the Apple App Store.
There are a couple options that need to be manually configured before the tool displays the higher frequency used for the pairing process:
With the proper settings and within range of a proximity enable device, some output should be visible just above 20kHz.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical Continue reading
Hyperconverged revenue alone grew over 200 percent, compared to a year earlier.
New to IPv6 or know someone who is? Below you will find my 7 part blog series of my lessons learned during my IPv6 journey and how I now teach IPv6 to others newer to it. Prefer a YouTube instead? At the end you will find the very rapid paced .. 28 minute… presentation I did of this for CHI-NOG in 2016.
Understanding IPv6: The Journey Begins (Part 1 of 7)
Understanding IPv6: Link-Local ‘Magic’ (Part 2 of 7)
Understanding IPv6: A Sniffer Full Of 3s (Part 3 of 7)
Understanding IPv6: What Is Solicited-Node Multicast? (Part 4 of 7)
Understanding IPv6: Prepping For Solicited-Node Multicast (Part 5 of 7)
Understanding IPv6: The Ping Before Solicited-Node Multicast (Part 6 of 7)
Understanding IPv6: Solicited-Node Multicast In Action (Part 7 of 7)
This article is all about EVPN-VXLAN and Juniper QFX technology. I’ve been working with this tech quite a lot over the past few months and figured it would be useful to share some of my experiences. This particular article is probably going to be released in 2 or 3 parts and is focused specifically on the MAC learning process and how to verify behaviour. The first post focuses on a single-homed endpoint connected to the fabric via a single leaf switch. The second part will look at a multihomed endpoint connected via two leaf switches that are utilising the EVPN multihoming feature. And, lastly, the third part will focus on Layer 3 Virtual Gateway at the QFX10k Spine switches. The setup I’m using is based on Juniper vQFX for spine and leaf functions with a vSRX acting as a VR device. I also have a Linux host that is connected to a single leaf switch.
When verifying and troubleshooting EVPN-VXLAN it can become pretty difficult to figure out exactly how the control plane and data plane are programmed and how to verify behaviours. You’ll find yourself looking at various elements such as the MAC table, EVPN database, EVPN routing Continue reading
The last few blogs in my series on IPv6 have focused on solicited-node multicast, which provides the functionality for Neighbor Discovery in IPv6 addressing. We ended the last blog with a cliffhanger, asking, “In IPv6, how do we find the Layer 2 MAC address associated with a Layer 3 IPv6 address?”
Time to put the pieces together
In this series of blogs, I have laid out all the varying puzzle pieces needed to answer this question. Let’s start putting those puzzle pieces together.
In this blog, we learned that, if a device has an IPv6 global address of 2001:DB8::AB:1/64, then, according to RFC 4291, it must also “compute and join” the IPv6 solicited-node multicast address FF02::1:FFAB:1.
By the same logic, that means the node associated with the IPv6 address of 2001:DB8::AB:2 must “compute and join” the IPv6 solicited-node multicast address FF02::1:FFAB:2.
So our first puzzle piece gets us to here:
But so what? How does that get us any closer to getting the DMAC associated with Router B’s IPv6 global unicast address? All it did was give us a multicast address that this IPv6 unicast address must join.
Let’s add another piece of the puzzle. From this Continue reading
In a previous blog, we looked at the basics of IPv6 solicited-node multicast. Going back to our Router A and Router B environment, if we sniff the wire while pinging from Router A’s IPv6 address to Router B’s IPv6 address, what will we see? Spoilers! Suffice it to say we will see some IPv6 solicited-node multicast very much in action.
Ping in IPv4
Before we jump into IPv6, let’s first do an IPv4 ping from Router A to Router B. When we sniff the wire we can review the mechanisms of how IPv4 does all of this on the wire.
When ping 10.10.10.2 is entered on Router A, the router knows it is being asked to build an ICMP echo request message and put it “out on the wire” with a destination IP address of 10.10.10.2. But in order to make the request “ready” to put out on the wire to get to 10.10.10.2, Router A needs more than simply the destination IPv4 address.
For the purposes of this post, we will look at four things the router needs before sending the ICMP echo request out on the wire. These Continue reading
Solicited-node multicast: I stumbled and tripped a bunch over this one in the beginning. Well, that isn’t 100% true. Admittedly, at first, I really just ignored it, which really got in the way of my understanding some of the fundamentals of Neighbor Discovery Protocol (NDP).
But before we jump into solicited-node multicast, let’s review link-local scope multicast addresses.
Multicast is all around you
Multicast is all around your current IPv4 network. You might not think so if you haven’t enabled IP multicast routing and PIM, but it’s there. Pretty much everywhere you turn, it’s there.
Let’s return to our RouterA/RouterB environment. But let’s have IPv4 only running right now, like probably a lot of your routers in your environment.
Show IP interface
This is often an overlooked command, which is a shame because there is a great deal of very useful information that is given in the output. For now, we’re going to focus on the line “multicast reserved groups joined” and ignore all the other lines.
See? Lots and lots of multicast! To be specific, lots of “Local Network Control Block (224.0.0.0 – 224.0.0.255 (224.0.0/24),” according to the Internet Continue reading
