What is KISS Principle ? Keep it Simple and Stupid ?

What is KISS Principle ? Okay it stands for Keep it Simple and Stupid but what does really it mean in networking ? Can we really make things simpler ?. Probably yes but should we ?   Let’s remember What Einstein said about simplicity.   ” Everything should be made as simple as possible, but no […]

The post What is KISS Principle ? Keep it Simple and Stupid ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Evolution from PINs to PICs Cloud Networking

Evolution from PINs to PICs Cloud Networking
Networking is simply so cool again after decades of static and stagnant silo designs. The rapid acceptance of universal cloud spine across a variety of clouds and industry verticals is a testament to just how critical of a problem this is to IT. By adopting a clean sheet of modern methodologies and code with a programmable state-based foundation, we are embarking on the next frontier.

Evolution from PINs to PICs Cloud Networking

Evolution from PINs to PICs Cloud Networking
Networking is simply so cool again after decades of static and stagnant silo designs. The rapid acceptance of universal cloud spine across a variety of clouds and industry verticals is a testament to just how critical of a problem this is to IT. By adopting a clean sheet of modern methodologies and code with a programmable state-based foundation, we are embarking on the next frontier.

ETL is slowing down real-time data analytics

The data transformation tool known as ETL, or extract, transfer and load, is slowing down companies’ ability to do real-time data analysis, costing those companies business opportunities and making their analytics inefficient. That is the result of a survey of 502 IT professionals conducted by IDC on behalf of InterSystems Corp., a high-performance database management vendor. The survey also found that Changed Data Capture (CDC) technology is also slowing companies down and impeding their ability to do real-time data analysis. To read this article in full or to leave a comment, please click here

ETL is slowing down real-time data analytics

The data transformation tool known as ETL, or extract, transfer and load, is slowing down companies’ ability to do real-time data analysis, costing those companies business opportunities and making their analytics inefficient. That is the result of a survey of 502 IT professionals conducted by IDC on behalf of InterSystems Corp., a high-performance database management vendor. The survey also found that Changed Data Capture (CDC) technology is also slowing companies down and impeding their ability to do real-time data analysis. To read this article in full or to leave a comment, please click here

ETL is slowing down real-time data analytics

The data transformation tool known as ETL, or extract, transfer and load, is slowing down companies’ ability to do real-time data analysis, costing those companies business opportunities and making their analytics inefficient. That is the result of a survey of 502 IT professionals conducted by IDC on behalf of InterSystems Corp., a high-performance database management vendor. The survey also found that Changed Data Capture (CDC) technology is also slowing companies down and impeding their ability to do real-time data analysis. To read this article in full or to leave a comment, please click here

Did you see my Networkcareer.net Interview?

I recently made an interview with networkcareer.net  I talked with Daniel many things on networking, brief overview of my story , predictions for the future of networking, recommended community platforms for the network engineers and many other things ! This is a new website which provides many good interviews on networking.   There are many good […]

The post Did you see my Networkcareer.net Interview? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

EVPN lab – EVPN-VXLAN to EVPN-MPLS stitching

Last big topic that I need to practice – Data Center Interconnect (DCI).
Fortunately I pretty confident in my skills in the MPLS L3VPN area, so I think I shouldn’t spend much time for this topic.
The most complex DCI option remains – EVPN stitching. In this topic I will show you my example of EVPN-VXLAN to EVPN-MPLS stitching (there is also option of EVPN-VXLAN to EVPN-VXLAN stitching, but configuration should be similar to my example).
EVPN stitching concept is pretty simple – you just need to configure two EVPN instances on each of DC Gateway devices (MX routers) and connect them to each other using Logical Tunnel (lt-) interfaces.
Scheme of my EVPN stitching lab:

Due to time constraints I’ll show you only the upper part of topology – stitching on vMX1 and vMX3 routers. Configurations of vMX2 and vMX4 should be exactly the same as this ones.
So lets see vMX1 routing-instances configuration:

alex@vMX1# show routing-instances
evpn {
    vtep-source-interface lo0.0;
    instance-type virtual-switch;
    interface lt-0/0/10.1;
    route-distinguisher 1.1.1.1:1;
    vrf-import Continue reading

Query name minimization

One new thing you need to add your DNS security policies is "query name minimizations" (RFC 7816). I thought I'd mention it since many haven't heard about it.

Right now, when DNS resolvers lookup a name like "www.example.com.", they send the entire name to the root server (like a.root-servers.net.). When it gets back the answer to the .com DNS server a.gtld-servers.net), it then resends the full "www.example.com" query to that server.

This is obviously unnecessary. The first query should be just .com. to the root server, then example.com. to the next server -- the minimal amount needed for each query, not the full query.

The reason this is important is that everyone is listening in on root name server queries. Universities and independent researchers do this to maintain the DNS system, and to track malware. Security companies do this also to track malware, bots, command-and-control channels, and so forth. The world's biggest spy agencies do this in order just to spy on people. Minimizing your queries prevents them from spying on you.

An example where this is important is that story of lookups from AlfaBank in Continue reading

Configuring BGP Route Maps

Today I am going to talk about the next step in the BGP. As we discussed on BGP Synchronisation and BGP multihop concept in my earlier articles. If you would like to have a look on that topics please check with the below links for your references.

BGP Synchronization Rule
BGP Load balancing ebgp-multihop

Some of the other articles on the BGP where we have BGP basics , BGP configurations on HP Routers and other articles are

BGP Basics Overview
Cisco Routers Sample BGP Configurations : Quick and Easy
Juniper Routers Sample BGP Configurations : Quick and Easy

In this article, I will take through the concept of the route maps and the configuration of the route maps in the BGP environment. All these configurations showing below will be on Cisco router.

Why we are using the BGP route maps, well route maps are used to control BGP routing information. Route maps are to define the condition by which routes are redistributed between routing domains.

Note : Route maps cannot be used to filter incoming BGP updates based on IP address. You can, however, use route maps to filter outgoing BGP updates based on IP address.

With the use of Continue reading

EVPN-VXLAN lab – IRB functionality

Firstly, QFX5100 series doesn’t support EVPN-VXLAN inter-VXLAN routing, so I practice all IRB related topics on vMX devices. vQFXs acts as a simple L2 EVPN gateways.
This post continues the EVPN-VXLAN lab from the previous ones.

Full vMX IRB interfaces configuration:

alex@vMX1# show interfaces irb
unit 100 {
    proxy-macip-advertisement;
    family inet {
        address 172.16.0.251/24 {
            virtual-gateway-address 172.16.0.254;
        }
    }
    family inet6 {
        address 2001:dead:beef:100::1/64 {
            virtual-gateway-address 2001:dead:beef:100::a;
        }
    }
}
unit 200 {
    proxy-macip-advertisement;
    family inet {
        address 172.16.1.251/24 {
            virtual-gateway-address 172.16.1.254;
        }
    }
    family inet6 {
        address 2001:dead:beef:200::1/64 {
            virtual-gateway-address 2001:dead:beef: Continue reading

Docker Networking Tip – Macvlan driver

Last few months, I have been looking at Docker forums(https://forums.docker.com/, https://stackoverflow.com/questions/tagged/docker) and trying to understand some of the common questions/issues faced in the Docker Networking area. This prompted me to do 2 presentations: Docker Networking overview Docker Networking – Common issues and troubleshooting techniques I received positive feedback to these 2 presentations. As a next step, … Continue reading Docker Networking Tip – Macvlan driver

BGP Synchronization Rule

Today I am going to talk about one of the basic feature of the BGP named as BGP Synchronization. Your first question : what is BGP Synchronization ? 

BGP Synchronization means that the BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP. Hope it clears the concept. Let me explain you in another way. It means if you got a ebgp route from the external neighbor via router A (as a assumption) and you want to send it to router B which is connected to another ebgp neighbour, the routes can only be learned to router B once learned by internal routers via IGP protocol.

Let me take an topology and explanation to it and further we can go with the configuration where we will disable the Synchronization as we don't want the traffic to be known to the IGP protocol.


Fig 1.1- BGP Synchronization
As shown in the above topology, if Router C sends updates about network 170.10.0.0 and received by  Router A. Now Routers A and B are running IBGP as shown in the diagram so Router B receives updates about network 170.10. Continue reading

BGP Load balancing ebgp-multihop

Today I am going to talk about the BGP configuration where i will tell you about the load balancing between the two links connecting two service providers via BGP protocol. We have two different methods to achieve this one is use of ebgp multihop command or the other way is to use the ttl security command and both these methods are applicable on the BGP neighbor command.

In this article, We are going to take through the ebgp multihop command on to the neighbours between two service providers. I knew many of you already knew the load balancing concept in the BGP.

In my example, I am taking two serial links between two routers which shares the e-BGP information between them which means each router belongs to the specific AS number. Below is the topology for your reference.

Fig 1.1- use of ebgp multihop
In the above topology, Router A is in AS100 have two serial links connected to Router B which is in AS 200 and for both the links, e-bgp is sharing information.

Below is the configuration on Router A and Router B for your reference. All the IPs and the topology uses here has no relevance Continue reading

Hyper-converged infrastructure – Part 2 : Planning an Cisco HyperFlex deployment

I recently got the chance to deploy a Cisco HyperFlex solution that is composed of 3 Cisco HX nodes in my home lab. As a result, I wanted to share my experience with that new technology (for me). If you do not really know what all this “Hyperconverged Infrastructure hype” is all about, you can […]

The post Hyper-converged infrastructure – Part 2 : Planning an Cisco HyperFlex deployment appeared first on VPackets.net.

1 1,967 1,968 1,969 1,970 1,971 3,853