Internet2 at 20: Alive and kicking

Nearly 20 years after its launch, Internet2 is quietly humming along on university campuses across the country, doing its R&D work and connecting researchers who might otherwise not be able to share information so readily.To read this article in full or to leave a comment, please click here(Insider Story)

Skyport eases the pain of deploying and securing remote servers

Skyport does one thing, and it does it well. Skyport offers SkySecure Server, a remotely deployable platform for Windows and/or Linux virtual machines in a fortress-like environment. You can rent one for $2,500 per month, or less. Skyport SkySecure Servers solve a major pain point for IT execs looking for control over their remote servers. Skyport provides a hardened server that can be safely deployed to off-premises locations with little to no pre-configuration headaches. It comes pre-built and ready to host and secure either their list or your qualified list of popular host operating systems as VMs. Once deployed it’s largely tamper proof, and its subsequent use is done remotely, securely, with full online-monitoring control. Skyport is as security-paranoid as we are; therefore we liked it, finding only a few foibles.To read this article in full or to leave a comment, please click here(Insider Story)

Greg Ferro on Private and Public Clouds

Everyone talks about public or hybrid clouds, whitebox switching with home-grown networking operating system, or SDN nirvana, but whenever I talk with enterprise-focused architects, consultants or vendor SEs, I see a totally different story.

Here's a typical response I'm getting from engineers in this group: “I work with multinational financial customers, and in this group hybrid cloud is not even a topic. They do private cloud projects, with some of them looking into public cloud deployments of isolated projects on base AWS functionality.

Read more ...

OSPF Area Types

OSPF Area Types – Different Areas in OSPF are used to create smaller fault domains.There are totally two OSPF area types. OSPF Backbone area and OSPF non backbone area. Backbone area in OSPF is Area 0. OSPF prevents loop by using backbone area concept.All the non-backbone areas should be connected to the Backbone area. There are […]

The post OSPF Area Types appeared first on Orhanergun.

OSPF Area Types

OSPF Area Types – Different Areas in OSPF are used to create smaller fault domains. There are two OSPF area types in total. OSPF Backbone area and OSPF non-backbone area Backbone area in OSPF is Area 0. OSPF prevents loop by using backbone area concept.All the non-backbone areas should be connected to the Backbone area. There […]

The post OSPF Area Types appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

OSPF Area Types

OSPF Area Types – Different Areas in OSPF are used to create smaller fault domains. There are two OSPF area types in total. OSPF Backbone area and OSPF non-backbone area Backbone area in OSPF is Area 0. OSPF prevents loop by using backbone area concept.All the non-backbone areas should be connected to the Backbone area. There […]

The post OSPF Area Types appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net/newwp.

What Would You Do With Two Million Flows?

Today, Pica8 announced support for Table Type Patterns (TTP) in PicOS, our leading SDN operating system. The premise of this announcement is that with TTP, network engineers and operators can now implement SDN at greater scale – in some cases, up to two million flows (a 1,000x increase from previous methodologies) – while still using standard, white box hardware.

The magic of the technology is how PicOS can seamlessly leverage the capabilities of different switch ASICs. This empowers users with greater choice, and enables them to take advantage of unique capabilities of the ASIC they choose – such as memory space, programmable pipelines, and table management.

In terms of how we achieve greater flow scale with TTP, it’s similar to what I wrote about OpenFlow scale last year: all tables within the ASIC (VLAN, MAC, IP, TCAM, etc) are exposed and can be programmed via OpenFlow. But what’s more interesting is how we are seeing customers put this functionality to use.

Example 1: Cloud Brokering

Cloud BrokerFor ISPs, automation and self-service portals are nirvana for the reduction in OpEx alone. If a customer wants to increase their bandwidth from 10Mbps to 100Gbps, but only wants to do it from Continue reading

Using the OpenDaylight SDN Controller with the Mininet Network Emulator

OpenDaylight (ODL) is a popular open-source SDN controller framework. To learn more about OpenDaylight, it is helpful to use it to manage an emulated network of virtual switches and virtual hosts. Most people use the Mininet network emulator to create a virtual SDN network for OpenDaylight to control.

odl-0100-b

In this post, I will show how to set up OpenDaylight to control an emulated Mininet network using OpenFlow 1.3. Because I am using virtual machines, the procedure I use will work the same in all commonly used host systems: Linux, Windows, and Mac OS X.

Using Virtual Machines

In this lab example, I will use two virtual machines. One will run the Mininet emulated network and the other will run the OpenDaylight controller. I will connect both VMs to a host-only network so they can communicate with each other and with programs running on the host computer, such as ssh and the X11 client.

I will use VirtualBox to run the Mininet VM that I downloaded from the mininet project web site, which is the easiest way to experiment with Mininet. The Mininet project team provides an Ubuntu 14.04 LTS VM image with Mininet 2.2.1, Wireshark Continue reading

Cautionary tale: What happens after daring elite hackers to hack you?

After all the big breaches reported last year, Real Future's Kevin Roose wanted to see how well he would fare in a personal pen-test. Issuing such a “hack me” challenge is rarely wise as New York University Professor and PandoDaily editor Adam Penenberg found out a few years ago after asking TrustWave to hack him if it could. Roose posted a video showing “what happens when you dare expert hackers to hack you” and the resulting pwnage was not pretty.To read this article in full or to leave a comment, please click here

Scalable network diagram layouts and tips for MS Visio

Last time I wrote about drawing L3-diagrams. Since then, I have been planning to write generally about drawing techniques. This blog post will cover some useful layouts as well as MS Visio tips for network engineers. I think MS Visio is not quite optimal for network diagrams and is lacking some key features from network diagramming […]

The post Scalable network diagram layouts and tips for MS Visio appeared first on Packet Pushers.

Scalable network diagram layouts and tips for MS Visio

Last time I wrote about drawing L3-diagrams. Since then, I have been planning to write generally about drawing techniques. This blog post will cover some useful layouts as well as MS Visio tips for network engineers. I think MS Visio is not quite optimal for network diagrams and is lacking some key features from network diagramming […]

The post Scalable network diagram layouts and tips for MS Visio appeared first on Packet Pushers.

Open vSwitch version 2.5 released

The recent Open vSwitch version 2.5 release includes significant network virtualization enhancements:
   - sFlow agent now reports tunnel and MPLS structures.
...
- Add experimental version of OVN. OVN, the Open Virtual Network, is a
system to support virtual network abstraction. OVN complements the
existing capabilities of OVS to add native support for virtual network
abstractions, such as virtual L2 and L3 overlays and security groups.
The sFlow Tunnel Structures specification enhances visibility into network virtualization by capturing encapsulation / decapsulation actions performed by tunnel end points. In many network virtualization implementations VXLAN, GRE, Geneve tunnels are terminate in Open vSwitch and so the new feature has broad application.

The second related feature is the inclusion of the Open Virtual Network (OVN), providing a simple method of building virtual networks for OpenStack and Docker.

The following articles provide additional background:

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world. First of all, please allow me to introduce myself. My name is Yoshinori Okayama. As a CEO, I’m managing my own company called Root Riff […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world. First of all, please allow me to introduce myself. My name is Yoshinori Okayama. As a CEO, I’m managing my own company called Root Riff […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net/newwp.

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Cisco CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world.   First of all, please allow me to introduce myself. […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | OrhanErgun.net.

Checkpoint Firewall CLI tool “dbedit” and quick lab examples

For best article visual quality, open Checkpoint Firewall CLI tool “dbedit” and quick lab examples directly at NetworkGeekStuff.

In this article, I am going to give you a quick guide how to run a single checkpoint FW as virtual machine quickly on your notebook and then super-quick introduction to configuring such checkpoint firewall via CLI instead of the much more typical SmartDashboard. This articles is very focused on what I personally needed to do lab for in work and is in no way a comprehensive guide to the “dbedit” tool from Checkpoint or any firewall automation.

Background

We are using Checkpoint firewalls in our customer networks at work and are heavily using SmartDashboard and other GUI based tools to manage these firewalls in a large datacenter environments (rulebase of 10k+ firewall rules!) because that is simply our internal standard. However recently there came a push to try to automate a certain aspects of configuring these firewalls because several customer wanted to achieve shorter lead-times at least on few aspects of firewall configurations.

And since Checkpoint FWs do not support any real API for managing policies with it, it came down to CLI tools like dbedit, which we will explore Continue reading