The Tables Have Turned: Ericsson Picks Verizon for SD-WAN
Ericsson played a role in helping Verizon set up its managed SD-WAN service.
NSX Load Balancing – Accelerated Layer 4 Virtual Servers
In the previous blog, we investigated the basic feature set of NSX Load Balancing, some of the business reasons to use it, and deployed an ESG (Edge Services Gateway), the NSX load balancing platform. Today, we are going to setup our first virtual server. When we look at load balancing, it operates at the Transport layer or above of the OSI model and is inclusive of the network layer. In the most basic of terms, Load Balancing looks at a “session” from the transport layer and applies a load balancing algorithm and a NAT policy to the traffic. I put “session” in quotes because we can load balance both TCP and UDP based applications, but UDP does not have a stateful session, but we can still load balance UDP services.
Whenever someone has stated that and given application cannot be load balanced, I first ask them if the traffic can be processed by a NAT at either the client or server end. If the answer is yes, odds are that it can be load balanced with sufficient understanding of the application and the required ports, protocols and persistence to make the application function correctly. This is Continue reading
Open19: A New Step for Data Centers
While most network engineers do not spend a lot of time thinking about environmentals, like power and cooling, physical space problems are actually one of the major hurdles to building truly large scale data centers. Consider this: a typical 1ru rack mount router weighs in at around 30 pounds, including the power supplies. Centralizing rack power, and removing the sheet metal, can probably reduce this by about 25% (if not more). By extension, centralizing power and removing the sheet metal from an entire data center’s worth of equipment could reduce the weight on the floor by about 10-15%—or rather, allow about 10-15% more equipment to be stacked into the same physical space. Cooling, cabling, and other considerations are similar—even paying for the sheet metal around each box to be formed and shipped adds costs.
What about blade mount systems? Most of these are designed for rather specialized environments, or they are designed for a single vendor’s blades. In the routing space, most of these solutions are actually chassis based systems, which are fraught with problems in large scale data center buildouts. The solution? Some form of open, foundation based standard that can be used by all vendors to build equipment Continue reading
Businesses Rethinking Security Software Strategy, Gartner Says
AI, machine learning driving new security strategies.
Online meetup recap: Introduction to LinuxKit
At DockerCon 2017 we introduced LinuxKit: A toolkit for building secure, lean and portable Linux subsystems. Here are the key principles and motivations behind the project:
- Secure defaults without compromising usability
- Everything is replaceable and customizable
- Immutable infrastructure applied to building Linux distributions
- Completely stateless, but persistent storage can be attached
- Easy tooling, with easy iteration
- Built with containers, for running containers
- Designed for building and running clustered applications, including but not limited to container orchestration such as Docker or Kubernetes
- Designed from the experience of building Docker Editions, but redesigned as a general-purpose toolkit
- Designed to be managed by external tooling, such as Infrakit or similar tools
- Includes a set of longer-term collaborative projects in various stages of development to innovate on kernel and userspace changes, particularly around security
For this Online Meetup, Docker Technical Staff member Rolf Neugebauer gave an introduction to LinuxKit, explained the rationale behind its development and gave a demo on how to get started using it.
Watch the recording and slides
You’ll find below a list of additional questions asked by attendees at the end of the online meetups:
You said the ONBOOT containers are run sequentially, does it wait for one to finish before it Continue reading
Packet Pushers – Priority Queue PQ Show 117: VMware NSX & Container Networking (Sponsored)
Todays Priority Queue episode is a sponsored conversation with VMware about NSX and container networking. Our guest is Sai Chaitanya. The post PQ Show 117: VMware NSX & Container Networking (Sponsored) appeared first on Packet Pushers.
Research: Network Security Using ntopng
Presentation on using NTOP-NG as a security tool
The post Research: Network Security Using ntopng appeared first on EtherealMind.
Hyperconvergence Paves Way To Private Cloud
ESG analysts offer guidance on hyperconverged infrastructure at Interop ITX.
Software-Defined Storage Products: IT Pros Offer Insight
Find out what users have to say about products in the emerging SDS market.
Capacity Planner Version 2.0 Released
Modern Wi-Fi networks are complex beasts. Despite all the fancy new features in products, the technology is only becoming more complex and the demands on the network are only growing. Wi-Fi is the most heavily used method to transport user data today, eclipsing cellular and LAN traffic volumes according to multiple reports from analysis firms including Cisco, Ofcom, Mobidia, Ovum, and others. Meanwhile, the technical complexity contained within the IEEE 802.11 standard results in a technical document that is over 3,200 pages long! This means deploying a network right is no easy task.
One of the most difficult aspects to get right when deploying a Wi-Fi network is understanding capacity requirements. It is not sufficient enough to use rule-of-thumb guidelines based on number of clients per access point or number of access points per square foot/meter since they often result in networks that do not adequately meet actual end-user demands and perform poorly. More rigor is required while maintaining simplicity of use so that most network administrators can be confident of a successful outcome.
Essential to wireless network performance and capacity planning is understanding the interaction between access point capabilities, network configuration, client device capabilities, and the RF Continue reading
Worth Reading: Career IT Advice from Industry Gurus
Neil Anderson collected career advice from 111 IT industry gurus (just getting all of them to respond must have been monumental effort). Well worth reading ;)
Transforming the Internet Society’s web presence
Have you struggled to find information on our current website? Have you found it difficult to know what actions you can take on important issues such as connecting the unconnected and building trust on the Internet?
You are not alone.
In one of the most visible and important changes we are making this year, we are working hard on giving our website a deep refresh. We are building it to be a direct vehicle for action. We are redesigning it from the ground up to help us achieve our objective of connecting everyone, everywhere to a globally connected, trusted Internet.
It will look different, it will feel different, it will be more accessible and will be more aligned with this strategic goal.
James Wood
Multi-site Active-Active Solutions with NSX-V and F5 BIG-IP DNS
I’ve written several prior blogs on multi-site solutions with NSX-V discussing topics such as fundamentals, design options, multi-site security, and disaster recovery; see below links to review some of the prior material. In this post, I’ll discuss how VMware NSX-V and F5 BIG-IP DNS (prior known as F5 GTM) can be used together for Active/Active solutions where an application is spanning multiple sites and site-local ingress/egress for the application is desired. F5 offers both virtual and physical appliances; in this post I demonstrate using only the virtual (VE) F5 appliances. Big thanks to my friend Kent Munson at F5 Networks for helping with the F5 deployment in my lab and for providing some of the details to help with this blog post. This is the first of several blog posts to come on this topic. Continue reading