0

Scalable network diagram layouts and tips for MS Visio

Last time I wrote about drawing L3-diagrams. Since then, I have been planning to write generally about drawing techniques. This blog post will cover some useful layouts as well as MS Visio tips for network engineers. I think MS Visio is not quite optimal for network diagrams and is lacking some key features from network diagramming […]

The post Scalable network diagram layouts and tips for MS Visio appeared first on Packet Pushers.

0

Scalable network diagram layouts and tips for MS Visio

Last time I wrote about drawing L3-diagrams. Since then, I have been planning to write generally about drawing techniques. This blog post will cover some useful layouts as well as MS Visio tips for network engineers. I think MS Visio is not quite optimal for network diagrams and is lacking some key features from network diagramming […]

The post Scalable network diagram layouts and tips for MS Visio appeared first on Packet Pushers.

0

Open vSwitch version 2.5 released

The recent Open vSwitch version 2.5 release includes significant network virtualization enhancements:

   - sFlow agent now reports tunnel and MPLS structures.
   ...
   - Add experimental version of OVN.  OVN, the Open Virtual Network, is a
     system to support virtual network abstraction.  OVN complements the
     existing capabilities of OVS to add native support for virtual network
     abstractions, such as virtual L2 and L3 overlays and security groups.

The sFlow Tunnel Structures specification enhances visibility into network virtualization by capturing encapsulation / decapsulation actions performed by tunnel end points. In many network virtualization implementations VXLAN, GRE, Geneve tunnels are terminate in Open vSwitch and so the new feature has broad application.

The second related feature is the inclusion of the Open Virtual Network (OVN), providing a simple method of building virtual networks for OpenStack and Docker.

The following articles provide additional background:

• Open vSwitch 2015 Fall Conference
• Open Virtual Network (OVN)
• Network virtualization visibility demo

0

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world. First of all, please allow me to introduce myself. My name is Yoshinori Okayama. As a CEO, I’m managing my own company called Root Riff […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

0

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world. First of all, please allow me to introduce myself. My name is Yoshinori Okayama. As a CEO, I’m managing my own company called Root Riff […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net/newwp.

0

CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE

Cisco CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE Disclaimer : This is a Guest Post, prepared by Yoshinori Okayama, 8xCCIE & CCDE for www.orhanergun.net which is the most visited and well known network design website in the world.   First of all, please allow me to introduce myself. […]

The post CCDE Preparation Tips and Tricks by Yoshinori Okayama – World’s first 8xCCIE & CCDE appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | OrhanErgun.net.

0

Checkpoint Firewall CLI tool “dbedit” and quick lab examples

For best article visual quality, open Checkpoint Firewall CLI tool “dbedit” and quick lab examples directly at NetworkGeekStuff.

In this article, I am going to give you a quick guide how to run a single checkpoint FW as virtual machine quickly on your notebook and then super-quick introduction to configuring such checkpoint firewall via CLI instead of the much more typical SmartDashboard. This articles is very focused on what I personally needed to do lab for in work and is in no way a comprehensive guide to the “dbedit” tool from Checkpoint or any firewall automation.

Background

We are using Checkpoint firewalls in our customer networks at work and are heavily using SmartDashboard and other GUI based tools to manage these firewalls in a large datacenter environments (rulebase of 10k+ firewall rules!) because that is simply our internal standard. However recently there came a push to try to automate a certain aspects of configuring these firewalls because several customer wanted to achieve shorter lead-times at least on few aspects of firewall configurations.

And since Checkpoint FWs do not support any real API for managing policies with it, it came down to CLI tools like dbedit, which we will explore Continue reading

0

Docker meetup Bangalore – Sysdig Presentation

Following link captures the slides on Container monitoring with Sysdig that I presented at Docker Meetup, Bangalore on February 27, 2016. Following are the 2 demo recordings:

0

“Mastering CoreOS” book got published!

My book “Mastering CoreOS” finally got published on February 27, 2016. Big thanks to everyone who supported me in this effort. Motivation for writing this book as well as relevant links to purchase and get more details can be found here. I will keep my fingers crossed on the feedback… I am hoping that the … Continue reading “Mastering CoreOS” book got published! →

0

Linux bridge, macvlan, ipvlan, adapters

The open source Host sFlow project added a feature to efficiently monitor traffic on Linux host network interfaces: network adapters, Linux bridge, macvlan, ipvlan, etc. Implementation of high performance sFlow traffic monitoring is made possible by the inclusion of random packet sampling support in the Berkeley Packet Filter (BPF) implementation in recent Linux kernels (3.19 or later).

In addition to the new BPF capability, hsflowd has a couple of other ways to monitor traffic:

• iptables, add a statistic rule to the iptables firewall to add traffic monitoring
• Open vSwitch, has built-in sFlow instrumentation that can be configured by hsflowd.

The BPF sampling mechanism is less complex to configure than iptables and can be used to monitor any Linux network device, including: network adapters (e.g. eth0) and the Linux bridge (e.g. docker0). Monitoring a network adapter also provides visibility into lightweight macvlan and ipvlan network virtualization technologies that are likely to become more prevalent in the Linux container ecosystem, see Using Docker with macvlan Interfaces.

The following commands build and install hsflowd on an Ubuntu 14.03 host:

sudo apt-get update
sudo apt-get install build-essential
sudo apt-get install libpcap-dev
sudo apt-get install git
git clone https://github. Continue reading

0

SDxCentral Weekly News Roundup — February 26, 2016

5G and NFV partnerships from MWC; security funding in advance of RSA.

0

RSA 2016 Live Stream: The Future State of Security Starts with Virtualization

The 2016 RSA Live Stream for the VMware "The Future State of Security Starts with Virtualization" will be available live on Monday February 29th at 8:30am. Watch the live stream of the event for free on the SDxCentral Network Virtualization Topic Page.

0

Multi Orchestration Support with Big Cloud Fabric Virtual PODs (vPODs)

0

IRS: Actually, that breach last year was way worse than we thought

For U.S. taxpayers, the news just keeps getting worse about the cyberattack discovered last year on the IRS's Get Transcript application,At first, it looked like just over 100,000 taxpayers had been affected. Then, last August, the number was updated to more than 300,000.Now, it looks like a further 390,000 people's information could have been breached, bringing the total estimate to over 700,000."The Treasury Inspector General for Tax Administration conducted a nine-month-long investigation looking back to the launch of the application in January 2014 for additional suspicious activity," the Internal Revenue Service announced on Friday. "This expanded review has identified additional suspicious attempts to access taxpayer accounts using sensitive information already in the hands of criminals."To read this article in full or to leave a comment, please click here

0

Cisco’s dominance continues

To the surprise of perhaps no one, Cisco maintained its dominant leadership share of enterprise and service provider switching and routing in the fourth quarter of 2015, according to Synergy Research. Cisco’s share was 56% of both the aggregate $11 billion market in Q4, and the $41 billion market for all of 2015. Synergy Research Group Its share remained flat from 2014, when the aggregate market was $39.8 billion, Synergy found.To read this article in full or to leave a comment, please click here

0

Troubleshoot#1: Correlation vs Causation

Network problems can be as simple as follows: Ping neighbor. 100% packet loss. Check network interface, it’s down. Change SFP and you are done, problem solved   But they can also be complex; really complex .. In the past few years, I have had the unplanned privilege to see some of the shi**iest networking problems […]

0

Apple vs. the FBI: The legal arguments in a nutshell

Apple has raised some interesting, and potentially winning, legal arguments in its motion to overturn a judge’s order requiring the company to help the FBI unlock the iPhone of a mass shooter.The FBI's request for Apple to write new software to defeat password protections on the phone violates the company’s free speech and due process rights, Apple argued Thursday in its motion to vacate Magistrate Judge Sheri Pym’s Feb.16 order.To read this article in full or to leave a comment, please click here

0

Cloud security is good, but here’s how to make it better

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

More than a third of businesses in the United States currently use the cloud, but by 2020 that number is expected to more than double to a whopping 80%. But even though the cloud is secure, it doesn’t guarantee immunity from data breaches. Now that the cloud is rapidly becoming a mainstream part of IT, businesses must think more critically about how to bolster their security beyond cloud providers’ default security infrastructure—which often proves to be inadequate for the changing face of business.

To read this article in full or to leave a comment, please click here

0

OpenStack Eases NFV Into the Cloud

Proven by telcos, it works for enterprises as well.

0

Oscar ad finds Carrie Fisher, IBM Watson and robots dealing with humans

Apparently IBM’s Watson isn’t all that popular amongst the robot community – at least that’s how it looks in a new IBM commercial "Coping with Humans": A Support Group for Bots.”In the commercial Carrie Fisher (or Princess Leia of Star Wars fame) tries to guide a raft of disgruntled robots in a therapy session that apparently has had problems in the past – saying “maybe this week we might try and listen more – and throw things less.”It’s pretty funny, take a look. +More on Network World: NASA touts real technologies highlighted in 'The Martian' flick+ To read this article in full or to leave a comment, please click here